CVE-2022-35611

A Cross-Site Request Forgery CSRF in MQTTRoute v3.3 and below allows attackers to create and remove dashboards...

EUVD-2019-15808

Malware in sbrugna...

EUVD-2022-38494

Malicious code in bioql PyPI...

EUVD-2022-38493

Malicious code in bioql PyPI...

CVE-2022-35612

A cross-site scripting XSS vulnerability in MQTTRoute v3.3 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the dashboard name text field...

CVE-2022-35611

A Cross-Site Request Forgery CSRF in MQTTRoute v3.3 and below allows attackers to create and remove dashboards...

CVE-2022-35612

A cross-site scripting XSS vulnerability in MQTTRoute v3.3 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the dashboard name text field...

CVE-2022-35612

A cross-site scripting XSS vulnerability in MQTTRoute v3.3 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the dashboard name text field...

Cross site scripting

A cross-site scripting XSS vulnerability in MQTTRoute v3.3 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the dashboard name text field...

MQTT 跨站脚本漏洞

MQTT Message Queuing Telemetry Transport is an ISO standard ISO/IEC PRF 20922 based on the Publish/Subscribe paradigm of messaging protocols, which works on the TCP/IP family of protocols, and is designed for remote devices with low hardware performance and poor network conditions. It works on th...

CVE-2022-35612

CVE-2022-35612 affects MQTTRoute (versions 3.3 and earlier). The vulnerability is a cross-site scripting (XSS) flaw in which an attacker can inject arbitrary web scripts or HTML through the dashboard name text field. The issue arises in dashboard-name handling and is limited to the client-side in...

CVE-2022-35612

A cross-site scripting XSS vulnerability in MQTTRoute v3.3 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the dashboard name text field...

CVE-2022-35611

CVE-2022-35611 describes a CSRF vulnerability in MQTTRoute v3.3 and earlier, based on evidence from multiple sources (NVD/Red Hat/CNNVD) showing an ability for attackers to create and remove dashboards. The Red Hat entry confirms the issue affects MQTTRoute 3.3 and earlier; the CNNVD entry adds t...

CVE-2022-35611

A Cross-Site Request Forgery CSRF in MQTTRoute v3.3 and below allows attackers to create and remove dashboards...

CVE-2022-35611

A Cross-Site Request Forgery CSRF in MQTTRoute v3.3 and below allows attackers to create and remove dashboards...

CVE-2022-35612

A cross-site scripting XSS vulnerability in MQTTRoute v3.3 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the dashboard name text field...

CVE-2019-6241

In Bevywise MQTTRoute 1.1 build 1018-002, a connect packet combined with a malformed unsubscribe request packet can be used to cause a Denial of Service attack against the broker...

CVE-2019-6241

In Bevywise MQTTRoute 1.1 build 1018-002, a connect packet combined with a malformed unsubscribe request packet can be used to cause a Denial of Service attack against the broker...

Design/Logic Flaw

In Bevywise MQTTRoute 1.1 build 1018-002, a connect packet combined with a malformed unsubscribe request packet can be used to cause a Denial of Service attack against the broker...

CVE-2019-6241

Bevywise MQTTRoute 1.1 build 1018-002 is affected. An attacker can trigger a Denial of Service by sending a crafted connect packet combined with a malformed unsubscribe request, exploiting an input validation error in the MQTT broker. The issue is documented across multiple sources (e.g., CNVD-20...