Lucene search
K

63 matches found

Cvelist
Cvelist
added 2024/11/19 4:32 p.m.30 views

CVE-2024-50520 WordPress Ancient World Linked Data plugin <= 0.2.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Peter J. Herrel Ancient World Linked Data ancient-world-linked-data-for-wordpress allows DOM-Based XSS.This issue affects Ancient World Linked Data: from n/a through = 0.2.1...

6.5CVSS0.00341EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/19 4:32 p.m.11 views

CVE-2024-50520 WordPress Ancient World Linked Data plugin <= 0.2.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Peter J. Herrel Ancient World Linked Data ancient-world-linked-data-for-wordpress allows DOM-Based XSS.This issue affects Ancient World Linked Data: from n/a through = 0.2.1...

6.5CVSS5.9AI score0.00341EPSS
Exploits0References1
CVE
CVE
added 2024/11/19 4:32 p.m.62 views

CVE-2024-50520

CVE-2024-50520 relates to the WordPress plugin “Ancient World Linked Data” (up to version 0.2.1). The issue is a DOM-based Cross-Site Scripting (XSS) caused by improper input neutralization during page generation, enabling script execution in the context of the affected site. Affected software: A...

6.5CVSS5.9AI score0.00341EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.4 views

WordPress plugin Ancient World Linked Data 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS6AI score0.00341EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/30 9:56 a.m.6 views

WordPress Ancient World Linked Data plugin <= 0.2.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Zlrqh Patchstack Alliance in WordPress Plugin Ancient World Linked Data versions = 0.2.1...

6.5CVSS6.1AI score0.00341EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/30 12:0 a.m.10 views

WordPress Ancient World Linked Data Plugin <= 0.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Ancient World Linked Data Type Plugin Vulnerable versions = 0.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50520 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1c1d98c6a43b Credits Zlrqh Required privilege...

6.5CVSS6.5AI score0.00341EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/08/16 11:53 a.m.7 views

WordPress Structured Content (JSON-LD) #wpsc plugin <= 1.6.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Michael Patchstack Alliance in WordPress Plugin Structured Content versions = 1.6.2...

6.5CVSS6.1AI score0.00245EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/01/11 6:15 a.m.43 views

CVE-2024-21669

Hyperledger Aries Cloud Agent Python ACA-Py is a foundation for building decentralized identity applications and services running in non-mobile environments. When verifying W3C Format Verifiable Credentials using JSON-LD with Linked Data Proofs LDP-VCs, the result of verifying the presentation...

9.9CVSS9.4AI score0.00627EPSS
Exploits1References5
Prion
Prion
added 2024/01/11 6:15 a.m.26 views

Format string

Hyperledger Aries Cloud Agent Python ACA-Py is a foundation for building decentralized identity applications and services running in non-mobile environments. When verifying W3C Format Verifiable Credentials using JSON-LD with Linked Data Proofs LDP-VCs, the result of verifying the presentation...

6.5CVSS7AI score0.00627EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2024/01/11 5:40 a.m.74 views

CVE-2024-21669

Hyperledger Aries Cloud Agent Python (ACA-Py) contains CVE-2024-21669: when verifying W3C JSON-LD Verifiable Credentials with Linked Data Proofs (LDP-VCs), the result of validating document.proof is not factored into the final presentation verification. This allows holders to present incorrectly ...

9.9CVSS8.6AI score0.00627EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2024/01/11 5:40 a.m.43 views

CVE-2024-21669 Hyperledger Aries Cloud Agent Python result of presentation verification not checked for LDP-VC

Hyperledger Aries Cloud Agent Python ACA-Py is a foundation for building decentralized identity applications and services running in non-mobile environments. When verifying W3C Format Verifiable Credentials using JSON-LD with Linked Data Proofs LDP-VCs, the result of verifying the presentation...

9.9CVSS9.6AI score0.00627EPSS
Exploits1References5
OSV
OSV
added 2024/01/11 5:40 a.m.40 views

CVE-2024-21669 Hyperledger Aries Cloud Agent Python result of presentation verification not checked for LDP-VC

Hyperledger Aries Cloud Agent Python ACA-Py is a foundation for building decentralized identity applications and services running in non-mobile environments. When verifying W3C Format Verifiable Credentials using JSON-LD with Linked Data Proofs LDP-VCs, the result of verifying the presentation...

9.9CVSS8.9AI score0.00627EPSS
Exploits1References7
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.6 views

Hyperledger Aries Cloud Agent Python Data Forgery Issue Vulnerability

Hyperledger Aries Cloud Agent Python is a tool for building the foundation of decentralized identity applications and services that run in non-mobile environments. A data forgery issue vulnerability exists in Hyperledger Aries Cloud Agent Python versions prior to 0.7.0, which stems from a data...

9.9CVSS6.8AI score0.00627EPSS
Exploits1References6
OSV
OSV
added 2024/01/09 8:31 p.m.4 views

GHSA-97X9-59RV-Q5PM Hyperledger Aries Cloud Agent Python result of presentation verification not checked for LDP-VC

Impact When verifying W3C Format Verifiable Credentials using JSON-LD with Linked Data Proofs LDP-VCs, the result of verifying the presentation document.proof was not factored into the final verified value true/false on the presentation record. Below is an example result from verifying a JSON-LD...

9.9CVSS5.8AI score0.00627EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2024/01/09 8:31 p.m.28 views

Hyperledger Aries Cloud Agent Python result of presentation verification not checked for LDP-VC

Impact When verifying W3C Format Verifiable Credentials using JSON-LD with Linked Data Proofs LDP-VCs, the result of verifying the presentation document.proof was not factored into the final verified value true/false on the presentation record. Below is an example result from verifying a JSON-LD...

9.9CVSS6.8AI score0.00627EPSS
Exploits1References7Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/09 12:0 a.m.5 views

PT-2024-19011

Name of the Vulnerable Software and Affected Versions Hyperledger Aries Cloud Agent Python ACA-Py versions 0.7.0 through 0.10.4 Description The issue arises when verifying W3C Format Verifiable Credentials using JSON-LD with Linked Data Proofs LDP-VCs. The result of verifying the presentation...

9.9CVSS7.7AI score0.00627EPSS
Exploits1References17
Positive Technologies
Positive Technologies
added 2023/12/18 12:0 a.m.6 views

PT-2023-31371 · Unknown · Structured Content

Name of the Vulnerable Software and Affected Versions: Structured Content JSON-LD versions n/a through 1.5.3 Description: The issue is related to Deserialization of Untrusted Data, which affects the Structured Content JSON-LD plugin. No information is provided about the estimated number of...

9.8CVSS9.2AI score0.00746EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/12/14 12:0 a.m.6 views

PT-2023-31373 · Unknown · Structured Content (Json-Ld) #Wpsc

Name of the Vulnerable Software and Affected Versions: Structured Content JSON-LD wpsc versions 1.5.3 and earlier Description: The issue is related to improper neutralization of input during web page generation, which can lead to Stored Cross-site Scripting XSS. This allows attackers to inject...

6.5CVSS5.9AI score0.00385EPSS
Exploits0References3
CNVD
CNVD
added 2023/07/14 12:0 a.m.18 views

Apache Jena Code Execution Vulnerability

Apache Jena is the United States Apache Apache Foundation of a Java Semantic Web framework. Used to build semantic Web and linked data applications. Apache Jena suffers from a code execution vulnerability that stems from insufficient restrictions on called script functions. An attacker can exploi...

8.8CVSS7.6AI score0.00987EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/12 12:0 a.m.5 views

Apache Jena 安全漏洞

Apache Jena is the United States Apache Apache Foundation of a Java Semantic Web framework. Used to build semantic Web and linked data applications. Apache Jena suffers from a code execution vulnerability that stems from insufficient restrictions on called script functions. An attacker can exploi...

8.8CVSS7.7AI score0.01324EPSS
Exploits0References3
Rows per page
Query Builder