27 matches found
EUVD-2022-45523
Malicious code in bioql PyPI...
EUVD-2022-32063
Malicious code in bioql PyPI...
EUVD-2022-45522
Malicious code in bioql PyPI...
CVE-2022-27562
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications...
CVE-2022-42449
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications...
CVE-2022-42450
Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications...
CVE-2023-37535
Insufficient URI protocol whitelist in HCL Domino Volt and Domino Leap allow script injection through query parameters...
CVE-2024-30145
Multiple vectors in HCL Domino Volt and Domino Leap allow client-side script injection in the authoring environment and deployed applications...
CVE-2022-42450
Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications...
CVE-2022-42449
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications...
CVE-2022-27562
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications...
CVE-2023-37535 HCL Domino Volt and Domino Leap are affected by a Cross-site scripting (XSS) vulnerability
Insufficient URI protocol whitelist in HCL Domino Volt and Domino Leap allow script injection through query parameters...
CVE-2023-37535 HCL Domino Volt and Domino Leap are affected by a Cross-site scripting (XSS) vulnerability
Insufficient URI protocol whitelist in HCL Domino Volt and Domino Leap allow script injection through query parameters...
CVE-2022-42450 HCL Domino Volt is affected by Cross-site scripting (XSS)
Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications...
CVE-2022-42450
CVE-2022-42450 concerns HCL Domino Volt. The issue is improper sanitization of SVG files in deployed Domino Volt applications, enabling client-side script injection (XSS) via SVG content. Documents specify CVSS base scores (NVD: 5.4/ MEDIUM; with UI:R, S:C, etc.; user interaction required) but do...
CVE-2022-42450 HCL Domino Volt is affected by Cross-site scripting (XSS)
Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications...
CVE-2022-42449
CVE-2022-42449 affects HCL Domino Volt. The root cause is an unsafe default file-type filtering policy that allows uploading .html files, enabling execution of unsafe JavaScript in deployed applications. Documents consistently describe the issue but do not provide a confirmed patch version or rem...
CVE-2022-42449 HCL Domino Volt is affected by an unrestricted upload of a dangerous file type
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications...
CVE-2022-42449 HCL Domino Volt is affected by an unrestricted upload of a dangerous file type
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications...
CVE-2022-27562
CVE-2022-27562 is reported across multiple sources as a vulnerability in HCL Domino Volt caused by an unsafe default file-type filtering policy. This policy allows uploading of .html files and the execution of unsafe JavaScript in deployed applications, without publicly documented a fix in the co...