16 matches found
EUVD-2017-3207
Malware in sbrugna...
EUVD-2024-17058
Malicious code in bioql PyPI...
CVE-2024-1297
Loomio version 2.22.0 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to OS Command Injection...
CVE-2024-1297
Loomio version 2.22.0 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to OS Command Injection...
Command injection
Loomio version 2.22.0 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to OS Command Injection...
Loomio OS Command Injection Vulnerability
Loomio is a collaborative decision-making tool. A code injection vulnerability exists in Loomio version 2.22.0, which stems from the presence of an operating system command injection vulnerability...
CVE-2024-1297 Loomio 2.22.0 - Code injection
Loomio version 2.22.0 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to OS Command Injection...
CVE-2024-1297
Affected software: Loomio 2.22.0. Vulnerability: OS Command Injection allowing execution of arbitrary server commands. This is the underlying root cause stated across sources, enabling an attacker to run commands with the server’s privileges. Impact (as described): high/critical in various assess...
CVE-2024-1297 Loomio 2.22.0 - Code injection
Loomio version 2.22.0 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to OS Command Injection...
PT-2024-17837
Name of the Vulnerable Software and Affected Versions: Loomio version 2.22.0. Description: The issue allows executing arbitrary commands on the server due to the application being vulnerable to OS Command Injection. Recommendations: For Loomio version 2.22.0, update to a version that fixes the OS...
CVE-2017-11594
Cross-site scripting (XSS) vulnerability in the Markdown parser in Loomio before 1.8.0 allows remote attackers to inject arbitrary web script or HTML via non-sanitized Markdown content in a new thread or a thread comment...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Markdown parser in Loomio before 1.8.0 allows remote attackers to inject arbitrary web script or HTML via non-sanitized Markdown content in a new thread or a thread comment...
CVE-2017-11594
Cross-site scripting (XSS) vulnerability in the Markdown parser in Loomio before 1.8.0 allows remote attackers to inject arbitrary web script or HTML via non-sanitized Markdown content in a new thread or a thread comment...
CVE-2017-11594
Cross-site scripting (XSS) vulnerability in the Markdown parser in Loomio before 1.8.0 allows remote attackers to inject arbitrary web script or HTML via non-sanitized Markdown content in a new thread or a thread comment...
CVE-2017-11594
CVE-2017-11594 affects Loomio’s Markdown parser prior to version 1.8.0. The vulnerability is a cross-site scripting (XSS) flaw that lets remote attackers inject arbitrary web script or HTML through non-sanitized Markdown content in new threads or thread comments. The root cause is improper saniti...
Loomio Cross-Site Scripting Vulnerability
Loomio is a cross-platform team decision-making tool. Markdown parser is one of the Markdown markup language parsers. A cross-site scripting vulnerability exists in the Markdown parser in Loomio versions prior to 1.8.0. A remote attacker can exploit this vulnerability to inject arbitrary web scrip...