6574 matches found
CVE-2023-4158
Cross-site Scripting XSS - Stored in GitHub repository omeka/omeka-s prior to 4.0.3...
CVE-2023-4159 Unrestricted Upload of File with Dangerous Type in omeka/omeka-s
Unrestricted Upload of File with Dangerous Type in GitHub repository omeka/omeka-s prior to 4.0.3...
CVE-2023-4159 Unrestricted Upload of File with Dangerous Type in omeka/omeka-s
Unrestricted Upload of File with Dangerous Type in GitHub repository omeka/omeka-s prior to 4.0.3...
CVE-2023-4158
Omeka S prior to 4.0.3 is affected by a stored XSS vulnerability in the omeka/omeka-s codebase. The evidence across multiple sources confirms Cross-site Scripting (XSS) and that the issue exists before version 4.0.3; no explicit root-cause or remediation details are provided in the supplied docum...
CVE-2023-4157 Improper Neutralization of Special Elements in Output Used by a Downstream Component in omeka/omeka-s
CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' in GitHub repository omeka/omeka-s prior to version 4.0.3...
CVE-2023-4157 Improper Neutralization of Special Elements in Output Used by a Downstream Component in omeka/omeka-s
CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' in GitHub repository omeka/omeka-s prior to version 4.0.3...
CVE-2023-4145 Cross-site Scripting (XSS) - Stored in pimcore/customer-data-framework
Cross-site Scripting XSS - Stored in GitHub repository pimcore/customer-data-framework prior to 3.4.2...
CVE-2023-4145
CVE-2023-4145 is a stored XSS vulnerability in pimcore/customer-data-framework present in versions prior to 3.4.2. The issue stems from cross-site scripting in the Customer Data Framework that could be triggered via HTML injection in emails, potentially allowing an attacker to influence a victim’...
GHSA-J63X-F657-2M9G Answer has Weak Password Requirements
Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0...
GHSA-V9VC-7X69-C2X8 Answer Missing Authorization vulnerability
Missing Authorization in GitHub repository answerdev/answer prior to v1.1.1...
GHSA-GGCF-HWXP-RC77 Answer Insufficient Session Expiration vulnerability
Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0...
CVE-2023-4126
Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0...
Authorization
Missing Authorization in GitHub repository answerdev/answer prior to v1.1.1...
Default credentials
Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0...
CVE-2023-4127 Race Condition within a Thread in answerdev/answer
Race Condition within a Thread in GitHub repository answerdev/answer prior to v1.1.1...
CVE-2023-4126 Insufficient Session Expiration in answerdev/answer
Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0...
CVE-2023-4126 Insufficient Session Expiration in answerdev/answer
Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0...
CVE-2023-4125 Weak Password Requirements in answerdev/answer
Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0...
CVE-2023-4125 Weak Password Requirements in answerdev/answer
Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0...
CVE-2023-4124 Missing Authorization in answerdev/answer
Missing Authorization in GitHub repository answerdev/answer prior to v1.1.1...