36 matches found
EUVD-2022-30761
Malicious code in bioql PyPI...
EUVD-2022-52125
Malicious code in bioql PyPI...
EUVD-2022-51895
Malicious code in bioql PyPI...
CVE-2022-4560
A vulnerability was found in Joget up to 7.0.31. It has been rated as problematic. This issue affects the function getInternalJsCssLib of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UniversalTheme.java of the component wflow-core. The manipulation of the argument key leads to...
CVE-2022-4859
A vulnerability, which was classified as problematic, has been found in Joget up to 7.0.33. This issue affects the function submitForm of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UserProfileMenu.java of the component User Profile Menu. The manipulation of the argument...
CVE-2022-26197
Joget DX 7 was discovered to contain a cross-site scripting XSS vulnerability via the Datalist table...
CVE-2019-14352
In Joget Workflow 6.0.20, CSV Injection, also known as Formula Injection, exists, as demonstrated by jw/web/userview/crmcommunity/crmuserviewsales//accountnew with the Account ID or Account Name field. NOTE: the vendor disputes the relevance of this finding because CSV is not the intended export...
CVE-2022-4859
A vulnerability, which was classified as problematic, has been found in Joget up to 7.0.33. This issue affects the function submitForm of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UserProfileMenu.java of the component User Profile Menu. The manipulation of the argument...
CVE-2022-4859
A vulnerability, which was classified as problematic, has been found in Joget up to 7.0.33. This issue affects the function submitForm of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UserProfileMenu.java of the component User Profile Menu. The manipulation of the argument...
Cross site scripting
A vulnerability, which was classified as problematic, has been found in Joget up to 7.0.33. This issue affects the function submitForm of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UserProfileMenu.java of the component User Profile Menu. The manipulation of the argument...
CVE-2022-4859
CVE-2022-4859 affects Joget up to version 7.0.33 in the UserProfileMenu.submitForm function (wflow-core/src/main/java/org/joget/plugin/enterprise/UserProfileMenu.java). The vulnerability arises from improper handling of firstName/lastName input, enabling cross-site scripting. It can be triggered ...
CVE-2022-4859 Joget User Profile Menu UserProfileMenu.java submitForm cross site scripting
A vulnerability, which was classified as problematic, has been found in Joget up to 7.0.33. This issue affects the function submitForm of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UserProfileMenu.java of the component User Profile Menu. The manipulation of the argument...
Joget 跨站脚本漏洞
Joget is an open source no-code/low-code application platform from Joget Open Source. For faster and simpler digital conversion DX. Joget versions prior to 7.0.34 cross-site scripting vulnerability , the vulnerability stems from the file...
PT-2022-28145 · Joget · Joget
Name of the Vulnerable Software and Affected Versions: Joget versions up to 7.0.33 Description: A problematic issue has been found in Joget, affecting the submitForm function of the UserProfileMenu component. The manipulation of the firstName/lastName arguments leads to cross-site scripting. The...
CVE-2022-4560
A vulnerability was found in Joget up to 7.0.31. It has been rated as problematic. This issue affects the function getInternalJsCssLib of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UniversalTheme.java of the component wflow-core. The manipulation of the argument key leads to...
CVE-2022-4560
A vulnerability was found in Joget up to 7.0.31. It has been rated as problematic. This issue affects the function getInternalJsCssLib of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UniversalTheme.java of the component wflow-core. The manipulation of the argument key leads to...
Cross site scripting
A vulnerability was found in Joget up to 7.0.31. It has been rated as problematic. This issue affects the function getInternalJsCssLib of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UniversalTheme.java of the component wflow-core. The manipulation of the argument key leads to...
Joget 跨站脚本漏洞
Joget is an open source no-code/low-code application platform from Joget Open Source. For faster and simpler digital conversion DX. A cross-site scripting vulnerability exists in Joget version 7.0.32 and prior versions. An attacker exploited the vulnerability to perform a cross-site scripting...
CVE-2022-4560
CVE-2022-4560 affects Joget up to version 7.0.31 in the wflow-core component. The vulnerability arises in the function getInternalJsCssLib of the file UniversalTheme.java where manipulating the key argument enables cross-site scripting. The issue can be remotely initiated. A fix is available in v...
CVE-2022-4560 Joget wflow-core UniversalTheme.java getInternalJsCssLib cross site scripting
A vulnerability was found in Joget up to 7.0.31. It has been rated as problematic. This issue affects the function getInternalJsCssLib of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UniversalTheme.java of the component wflow-core. The manipulation of the argument key leads to...