PT-2024-5230 · Apache · Apache Traffic Server

Name of the Vulnerable Software and Affected Versions: Apache Traffic Server versions 8.0.0 through 8.1.10 Apache Traffic Server versions 9.0.0 through 9.2.4 Description: The issue arises from Apache Traffic Server forwarding malformed HTTP chunked trailer sections to origin servers, which can be...

PT-2024-17609 · Unknown · Concrete Cms

Name of the Vulnerable Software and Affected Versions: Concrete CMS versions 9.0.0 through 9.2.4 Description: The issue is related to stored XSS via the Role Name field due to insufficient validation of administrator-provided data. A rogue administrator could inject malicious code into the Role...

Concrete CMS Cross-Site Scripting Vulnerability

PortlandLabs Concrete CMS is a team-oriented open source content management system from PortlandLabs, Inc. in the United States. A cross-site scripting vulnerability exists in Concrete CMS version 9.x prior to 9.2.5, which stems from insufficient data validation and is susceptible to reflective...

Schneider Electric GP-Pro EX 代码问题漏洞

Schneider Electric GP-Pro EX is a suite of HMI interface editing and logic programming software from Schneider Electric France. A code issue vulnerability exists in Schneider Electric GP-Pro EX, which arises from the product's failure to properly filter special elements in the search path. The...