2348 matches found
gfbgraph security update
An update is available for gfbgraph. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GLib/GObject wrapper for the Facebook Graph API that integrates with GNOME...
js-d3-flame-graph bug fix and enhancement update
An update is available for js-d3-flame-graph. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
js-d3-flame-graph bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
ALBA-2022:1784 js-d3-flame-graph bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
The vulnerability of the Apache Struts software framework arises from incorrect processing of Object Graph Navigation Language expressions, allowing attackers to execute arbitrary code.
The vulnerability of the Apache Struts software framework exists due to incorrect processing of expressions written in Object Graph Navigation Language. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created request...
GHSA-3VWW-JRMM-9VFF Liferay Portal and Liferay DXP allows arbitrary injection via the site name
Cross-site scripting XSS vulnerability in the Layout module's Open Graph integration before 2.0.4 in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the site name...
Liferay Portal and Liferay DXP allows arbitrary injection via the site name
Cross-site scripting XSS vulnerability in the Layout module's Open Graph integration before 2.0.4 in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the site name...
CVE-2022-26597
Cross-site scripting XSS vulnerability in the Layout module's Open Graph integration in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the site name...
CVE-2022-26597
Cross-site scripting XSS vulnerability in the Layout module's Open Graph integration in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the site name...
Cross site scripting
Cross-site scripting XSS vulnerability in the Layout module's Open Graph integration in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the site name...
CVE-2022-26597
This CVE-2022-26597 affects Liferay Portal 7.3.0–7.4.0 (and Liferay DXP 7.3 before Service Pack 3) via the Layout module’s Open Graph integration. The root cause is a cross-site scripting (XSS) vulnerability that lets remote attackers inject arbitrary web script or HTML through the site name. The...
CVE-2022-26597
Cross-site scripting XSS vulnerability in the Layout module's Open Graph integration in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the site name...
Liferay Portal和Liferay DXP 跨站脚本漏洞
Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...
PT-2022-17950 · Liferay · Liferay Dxp +1
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.3.0 through 7.4.0 Liferay DXP 7.3 before service pack 3 Description: A cross-site scripting XSS issue exists in the Layout module's Open Graph integration, allowing remote attackers to inject arbitrary web script or...
GHSA-J68F-8H6P-9H5Q Struts ParameterInterceptor vulnerability allows remote command execution
Regular expression in ParametersInterceptor matches top'foo' as a valid expression, which OGNL treats as top'foo'0 and evaluates the value of 'foo' action parameter as an OGNL expression. This lets malicious users put arbitrary OGNL statements into any String variable exposed by an action and hav...
CVE-2022-29531
An issue was discovered in MISP before 2.4.158. There is stored XSS in the event graph via a tag name...
CVE-2022-29531
An issue was discovered in MISP before 2.4.158. There is stored XSS in the event graph via a tag name...
CVE-2022-29531
An issue was discovered in MISP before 2.4.158. There is stored XSS in the event graph via a tag name...
Cross site scripting
An issue was discovered in MISP before 2.4.158. There is stored XSS in the event graph via a tag name...
[SECURITY] Fedora 34 Update: grafana-7.5.15-2.fc34
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...