CVE-2022-0705

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.4.0...

Cross site scripting

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.4.0...

CVE-2022-0705

PVE: CVE-2022-0705 is a stored XSS in Pimcore (pimcore/pimcore) prior to version 10.4.0. The vulnerability arises from how user-supplied data (e.g., Abbreviation/Longname/Converter Service values) is processed and output, enabling JavaScript execution in a client context. Several connected source...

CVE-2022-0705 Cross-site Scripting (XSS) - Stored in pimcore/pimcore

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.4.0...

CVE-2022-0704

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.4.0...

CVE-2022-0704

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.4.0...

CVE-2022-0911

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.4.0...

Cross site scripting

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.4.0...

CVE-2022-0911 Cross-site Scripting (XSS) - Stored in pimcore/pimcore

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.4.0...

CVE-2022-0911

PIMCORE CROSS-SITE SCRIPTING (CVE-2022-0911): Multiple connected sources confirm a stored XSS in pimcore/pimcore prior to version 10.4.0. The vulnerability stems from improper handling/validation of user-supplied data in Objectbricks and output filtering, enabling client-side JavaScript execution...

Debian DLA-2950-1 : python-scrapy - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2950 advisory. It was found that Scrapy, a framework for extracting data from websites, could send HTTP Authorization as well as cookies to other domains in case of redirections,...

Oracle Linux 8 : vim (ELSA-2022-0894)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-0894 advisory. - CVE-2022-0361 vim: Heap-based Buffer Overflow in GitHub repository - CVE-2022-0413 vim: use after free in src/excmds.c - CVE-2022-0413 vim: use after...

CVE-2022-0970

CVE-2022-0970 concerns Grav CMS (getgrav/grav). The vulnerability is a stored cross-site scripting issue in Grav prior to 1.7.31 caused by lack of proper data validation/filtering of user-supplied data and output, enabling JavaScript execution on the client side. The available connected documenta...

CVE-2022-0970 Cross-site Scripting (XSS) - Stored in getgrav/grav

Cross-site Scripting XSS - Stored in GitHub repository getgrav/grav prior to 1.7.31...

CVE-2022-0970 Cross-site Scripting (XSS) - Stored in getgrav/grav

Cross-site Scripting XSS - Stored in GitHub repository getgrav/grav prior to 1.7.31...

CVE-2022-0966

Stored XSS via File Upload in star7th/showdoc in GitHub repository star7th/showdoc prior to 2.4.10...

CVE-2022-0965

Stored XSS viva .ofd file upload in GitHub repository star7th/showdoc prior to 2.10.4...

CVE-2022-0964

Stored XSS viva .webmv file upload in GitHub repository star7th/showdoc prior to 2.10.4...

CVE-2022-0963

Unrestricted XML Files Leads to Stored XSS in GitHub repository microweber/microweber prior to 1.2.12...

Cross site scripting

Stored XSS viva .ofd file upload in GitHub repository star7th/showdoc prior to 2.10.4...