CVE-2023-2730 Cross-site Scripting (XSS) - Stored in pimcore/pimcore

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.3.3...

Improper access control

Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1...

Design/Logic Flaw

Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0...

CVE-2023-2674 Improper Access Control in openemr/openemr

Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1...

CVE-2023-2674

CVE-2023-2674 describes an improper access control vulnerability in OpenEMR before version 7.0.1. Connected sources corroborate that a front-end OpenEMR user could gain authorization to perform restricted actions (e.g., adding a Pharmacy) due to weak access controls in the application’s practice/...

CVE-2023-2666 Allocation of Resources Without Limits or Throttling in froxlor/froxlor

Allocation of Resources Without Limits or Throttling in GitHub repository froxlor/froxlor prior to 2.0.16...

CVE-2023-2665 Storage of Sensitive Data in a Mechanism without Access Control in francoisjacquet/rosariosis

Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0...

CVE-2023-2675 Improper Restriction of Excessive Authentication Attempts in linagora/twake

Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 2023.Q1.1223...

SUSE CVE-2023-2610

Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532...

CVE-2023-2630

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.5.21...

Input validation

Improper Neutralization of Formula Elements in a CSV File in GitHub repository pimcore/customer-data-framework prior to 3.3.9...

Cross site scripting

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.5.21...

GHSA-6GP6-XJ27-G89Q Duplicate Advisory: Cross-site Scripting (XSS) in name field of Custom Reports

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-m6m9-gr85-79vm. This link is maintained to preserve external references. Original Description Cross-site Scripting XSS - DOM in GitHub repository pimcore/pimcore prior to 10.5.21...

GHSA-J93V-CX26-2XC4 Duplicate Advisory: Cross-site Scripting (XSS) in Predefined Properties delete

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-q7cc-m6jw-m262. This link is maintained to preserve external references. Original DescriptionCross-site Scripting XSS - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21...

CVE-2023-2616 Cross-site Scripting (XSS) - Generic in pimcore/pimcore

Cross-site Scripting XSS - Generic in GitHub repository pimcore/pimcore prior to 10.5.21...

CVE-2023-2614 Cross-site Scripting (XSS) - DOM in pimcore/pimcore

Cross-site Scripting XSS - DOM in GitHub repository pimcore/pimcore prior to 10.5.21...

CVE-2023-2630

The CVE-2023-2630 entry concerns Pimcore (pimcore/pimcore) with a stored Cross-site Scripting (XSS) vulnerability in versions prior to 10.5.21. The identified issue enables injection of JavaScript in contexts where user-supplied data is stored and later rendered by the application, leading to pot...

CVE-2023-2630 Cross-site Scripting (XSS) - Stored in pimcore/pimcore

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.5.21...

Integer overflow

Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532...

CVE-2023-2610

Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532...