PT-2023-7754 · Fortinet · Fortiweb
Name of the Vulnerable Software and Affected Versions: Fortinet FortiWeb versions 6.2.0 through 6.2.8; Fortinet FortiWeb versions 6.3.0 through 6.3.23; Fortinet FortiWeb versions 7.0.0 through 7.0.9; Fortinet FortiWeb versions 7.2.0 through 7.2.5; Fortinet FortiWeb version 7.4.0. Description: The issu...
PHPMemcachedAdmin vulnerable to cross-site scripting (XSS) via improper encoding
A critical flaw has been identified in elijaa/phpmemcachedadmin affecting version 1.3.0, specifically related to a stored XSS vulnerability. This vulnerability allows malicious actors to insert a carefully crafted JavaScript payload. The issue arises from improper encoding of user-controlled...
GHSA-PR4W-M4RP-GP87 PHPMemcachedAdmin vulnerable to cross-site scripting (XSS) via improper encoding
A critical flaw has been identified in elijaa/phpmemcachedadmin affecting version 1.3.0, specifically related to a stored XSS vulnerability. This vulnerability allows malicious actors to insert a carefully crafted JavaScript payload. The issue arises from improper encoding of user-controlled...
CVE-2023-6027
A critical flaw has been identified in elijaa/phpmemcachedadmin affecting version 1.3.0, specifically related to a stored XSS vulnerability. This vulnerability allows malicious actors to insert a carefully crafted JavaScript payload. The issue arises from improper encoding of user-controlled...
Cross site scripting
A critical flaw has been identified in elijaa/phpmemcachedadmin affecting version 1.3.0, specifically related to a stored XSS vulnerability. This vulnerability allows malicious actors to insert a carefully crafted JavaScript payload. The issue arises from improper encoding of user-controlled...
CVE-2023-26279
IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a local user to perform unauthorized actions due to improper encoding. IBM X-Force ID: 248160...
Design/Logic Flaw
IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a local user to perform unauthorized actions due to improper encoding. IBM X-Force ID: 248160...
CVE-2023-26279 IBM QRadar WinCollect Agent improper output encoding
IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a local user to perform unauthorized actions due to improper encoding. IBM X-Force ID: 248160...
CVE-2023-26279
IBM QRadar WinCollect Agent versions 10.0–10.1.7 contain an improper encoding/escaping issue that could allow a local user to perform unauthorized actions. The issue is documented across multiple sources (Red Hat, CNVD/CNNVD mirrors, IBM X-Force). A fix is available: upgrade to WinCollect Standal...
Improper Encoding
Firefox is vulnerable to Improper Encoding. The vulnerability exists due to improper validation of the curl command, which allows an attacker to cause unintended behavior in smart contracts that rely on the sender's accurate identification...
Honeywell Experion PKS, LX and PlantCruise Improper Encoding or Escaping of Output (CVE-2023-24480)
Controller DoS due to stack overflow when decoding a message from the server. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Improper Encoding
openzeppelin/contracts is vulnerable to Improper Encoding. The vulnerability exists due to improper validation of ERC2771Context, which allows an attacker to cause unintended behavior in smart contracts that rely on the sender's accurate identification...
Froxlor vulnerable to Improper Encoding or Escaping of Output
Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21...
CVE-2023-3668
Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21...
CVE-2023-3668
CVE-2023-3668 affects Froxlor (froxlor/froxlor) prior to version 2.0.21. The root cause is an improper encoding or escaping of output in the repository, which enables a command-execution vulnerability. Multiple sources confirm the impact as command execution in versions before 2.0.21. Remediation...
CVE-2023-3668 Improper Encoding or Escaping of Output in froxlor/froxlor
Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21...
PT-2023-25676 · Froxlor · Froxlor
Name of the Vulnerable Software and Affected Versions: froxlor versions prior to 2.0.21. Description: The issue is related to improper encoding or escaping of output in the GitHub repository froxlor/froxlor. Recommendations: For versions prior to 2.0.21, update to version 2.0.21 or later to resolv...
CVE-2023-2200 Improper Encoding or Escaping of Output in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.14 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1, which allows an attacker to inject HTML in an email address field...
CVE-2023-3552
Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.10...
CVE-2023-3552
The CVE-2023-3552 entry concerns TeamPass (nilsteampassnet/teampass) prior to version 3.0.10, where improper encoding or escaping of output enables cross-site scripting in folder names. The root cause is insufficient encoding/escaping of outputs, allowing injection of malicious content into the i...