463 matches found
Fedora: Security Advisory for args4j (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the...
[SECURITY] Fedora 40 Update: args4j-2.33-26.fc40
args4j is a small Java class library that makes it easy to parse command line options/arguments in your CUI application. - It makes the command line parsing very easy by using annotations - You can generate the usage screen very easily - You can generate HTML/XML that lists all options for your...
CVE-2024-0774 Any-Capture Any Sound Recorder Registration memory corruption
A vulnerability was found in Any-Capture Any Sound Recorder 2.93. It has been declared as problematic. This vulnerability affects unknown code of the component Registration Handler. The manipulation of the argument User Name/Key Code leads to memory corruption. It is possible to launch the attack...
[SECURITY] Fedora 39 Update: golang-x-text-0.14.0-1.fc39
Text is a repository of text-related packages related to internationalization (i18n) and localization (l10n), such as character encodings, text transformations, and locale-specific text handling...
[SECURITY] Fedora 38 Update: golang-x-text-0.14.0-1.fc38
Text is a repository of text-related packages related to internationalization (i18n) and localization (l10n), such as character encodings, text transformations, and locale-specific text handling...
Fedora: Security Advisory for golang-x-text (FEDORA-2024-fd3545a844)
The remote host is missing an update for the...
Backend Localization <= 2.1.10 - Settings Update via CSRF
Description: The plugin does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...
CVE-2023-44471
Cross-Site Request Forgery (CSRF) vulnerability in Bernhard Kau Backend Localization plugin <= 2.1.10 versions...
CVE-2023-44471
Cross-Site Request Forgery (CSRF) vulnerability in Bernhard Kau Backend Localization plugin <= 2.1.10 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery (CSRF) vulnerability in Bernhard Kau Backend Localization plugin <= 2.1.10 versions...
CVE-2023-44471 WordPress Backend Localization Plugin <= 2.1.10 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Bernhard Kau Backend Localization plugin <= 2.1.10 versions...
CVE-2023-44471
CVE-2023-44471 is a CSRF vulnerability in Bernhard Kau Backend Localization plugin for WordPress, affecting versions
WordPress Plugin kau-boys-backend-localization Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...
PT-2023-29251 · Unknown · Bernhard Kau Backend Localization Plugin
Name of the Vulnerable Software and Affected Versions: Bernhard Kau Backend Localization plugin versions <= 2.1.10. Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions ...
OPENSUSE-SU-2023:0285-1 Security update for roundcubemail
This update for roundcubemail fixes the following issues: Update to 1.6.3 (boo#1215433): Fix bug where installto.sh/update.sh scripts were removing some essential options from the config file (#9051); Update jQuery-UI to version 1.13.2 (#9041); Fix regression that broke use_secure_urls feature (#9052); Fix potenti...
WordPress Backend Localization Plugin <= 2.1.10 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Backend Localization; Type: Plugin; Vulnerable versions: <= 2.1.10; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2023-44471; Patch priority: Low; CVSS severity: Low (4.3); Developer: Claim ownership; PSID: 2438ddd21c91; Credits: Skalucy; Require...
CVE-2023-41316
Tolgee is an open-source localization platform. Due to a lack of validation of the Org Name field, a bad actor can send emails with injected HTML code to victims. Registered users can inject HTML into unsanitized emails from the Tolgee instance to other users. This unsanitized HTML ends up in invitati...
CVE-2023-41316
CVE-2023-41316 affects Tolgee (open‑source localization platform) where lack of validation in the Org Name field allows HTML injection into unsanitized invitation emails sent by registered users. The vulnerability can enable directing recipients to malicious sites or executing JavaScript in the u...
CVE-2023-41316 HTML Injection with email in Tolgee
Tolgee is an open-source localization platform. Due to a lack of validation of the Org Name field, a bad actor can send emails with injected HTML code to victims. Registered users can inject HTML into unsanitized emails from the Tolgee instance to other users. This unsanitized HTML ends up in invitati...
CVE-2023-41316 HTML Injection with email in Tolgee
Tolgee is an open-source localization platform. Due to a lack of validation of the Org Name field, a bad actor can send emails with injected HTML code to victims. Registered users can inject HTML into unsanitized emails from the Tolgee instance to other users. This unsanitized HTML ends up in invitati...