CVE-2023-5894 Cross-site Scripting (XSS) - Stored in pkp/ojs

Cross-site Scripting XSS - Stored in GitHub repository pkp/ojs prior to 3.3.0-16...

Pimcore Cross-site Scripting vulnerability

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 11.1.0...

CVE-2023-5873

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 11.1.0...

Authentication Bypass

github.com/nats-io/nats-server is vulnerable to Authentication Bypass. The vulnerability is due to configureAccounts function in server.go which allows the creation of a no-authenticated user for the global account. This potentially leads an attacker to unauthorized access to the global account...

CVE-2023-5862

Missing Authorization in GitHub repository hamza417/inure prior to Build95...

CVE-2023-5861

Cross-site Scripting XSS - Stored in GitHub repository microweber/microweber prior to 2.0...

Session fixation

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.2.1...

Session fixation

Insufficient Session Expiration in GitHub repository thorsten/phpmyfaq prior to 3.2.2...

CVE-2023-5866 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in thorsten/phpmyfaq

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.2.1...

CVE-2023-5866 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in thorsten/phpmyfaq

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.2.1...

CVE-2023-5867

Summary (CVE-2023-5867) : Stored cross-site scripting vulnerability in the PHPMyFAQ project prior to version 3.2.2. Root cause identified in multiple sources as lack of proper filtering/escaping of user-supplied data in the FileName parameter of the file-attachment upload function, enabling injec...

CVE-2023-5865 Insufficient Session Expiration in thorsten/phpmyfaq

Insufficient Session Expiration in GitHub repository thorsten/phpmyfaq prior to 3.2.2...

CVE-2023-5865 Insufficient Session Expiration in thorsten/phpmyfaq

Insufficient Session Expiration in GitHub repository thorsten/phpmyfaq prior to 3.2.2...

CVE-2023-5864 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.1...

CVE-2023-5864 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.1...

CVE-2023-5862 Missing Authorization in hamza417/inure

Missing Authorization in GitHub repository hamza417/inure prior to Build95...

CVE-2023-5861 Cross-site Scripting (XSS) - Stored in microweber/microweber

Cross-site Scripting XSS - Stored in GitHub repository microweber/microweber prior to 2.0...

CVE-2023-5862 Missing Authorization in hamza417/inure

Missing Authorization in GitHub repository hamza417/inure prior to Build95...

CVE-2023-5862 Missing Authorization in hamza417/inure

Missing Authorization in GitHub repository hamza417/inure prior to Build95...

CVE-2023-5833

Improper Access Control in GitHub repository mintplex-labs/anything-llm prior to 0.1.0...