CVE-2023-4652 Cross-site Scripting (XSS) - Stored in instantsoft/icms2
Cross-site Scripting (XSS) - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1-git...
CVE-2023-4653 Cross-site Scripting (XSS) - Stored in instantsoft/icms2
Cross-site Scripting (XSS) - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1-git...
CVE-2023-4649 Session Fixation in instantsoft/icms2
Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1...
CVE-2023-4650
CVE-2023-4650 affects instantsoft/icms2 prior to 2.16.1-git and is described as improper access control in the admin account management functionality. Connected sources confirm an admin account takeover/vector exists: a PoC demonstrates an authenticated admin can change other admins’ passwords, e...
CVE-2023-4651 Server-Side Request Forgery (SSRF) in instantsoft/icms2
Server-Side Request Forgery (SSRF) in GitHub repository instantsoft/icms2 prior to 2.16.1...
CVE-2023-4650 Improper Access Control in instantsoft/icms2
Improper Access Control in GitHub repository instantsoft/icms2 prior to 2.16.1-git...
CVE-2023-4652
CVE-2023-4652 is a stored Cross-site Scripting (XSS) vulnerability affecting instantsoft/icms2 releases prior to 2.16.1-git. Multiple sources confirm the issue is a stored XSS in icms2, with exploitation via attacker-supplied input that can induce script execution in an affected user’s browser. P...
CVE-2023-4653
CVE-2023-4653 is a stored XSS vulnerability in instantsoft/icms2 prior to 2.16.1-git. The Red Hat and CVE records corroborate stored XSS in icms2, affecting versions before 2.16.1-git. The issue stems from input handling in the affected module (admin/comments path in the Huntr PoC reference), ena...
FreeBSD : py-httpie -- exposure of sensitive information vulnerabilities (1e37fa3e-5988-4991-808f-eae98047e2af)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 1e37fa3e-5988-4991-808f-eae98047e2af advisory. - Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository httpie/httpi...
CVE-2023-4624
Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08...
SUSE SLES12 Security Update : vim (SUSE-SU-2023:3463-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3463-1 advisory. Updated to version 9.0 with patch level 1572. - CVE-2023-2426: Fixed Out-of-range Pointer Offset use bsc1210996. - CVE-2023-2609:...
CVE-2023-4561
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.4...
Cross site scripting
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.4...
CVE-2023-4560 Improper Authorization of Index Containing Sensitive Information in omeka/omeka-s
Improper Authorization of Index Containing Sensitive Information in GitHub repository omeka/omeka-s prior to 4.0.4...
CVE-2023-4561 Cross-site Scripting (XSS) - Stored in omeka/omeka-s
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.4...