559 matches found
CVE-2023-39096
WebBoss.io CMS v3.7.0.1 contains a stored Cross-Site Scripting (XSS) vulnerability due to lack of input validation and output encoding...
WebBoss.io Cross-Site Scripting Vulnerability
WebBoss.io is a website building platform for professional designers and developers from WebBoss.io, Inc. A security vulnerability exists in WebBoss.io CMS version v3.7.0.1 that stems from a lack of input validation and output encoding...
PT-2023-26780 · Unknown · Webboss.Io Cms
Name of the Vulnerable Software and Affected Versions: WebBoss.io CMS version 3.7.0.1. Description: The issue is related to a stored Cross-Site Scripting (XSS) vulnerability. This occurs due to a lack of input validation and output encoding, allowing malicious scripts to be stored and executed...
The vulnerability of the SAP Solution Manager (Diagnostics agent) platform, related to the lack of mechanisms for encoding or blocking output data, allows for the execution of XSS attacks.
The vulnerability of the SAP Solution Manager Diagnostics agent platform is related to the lack of mechanisms for encoding or blocking output data. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
Advisory ROSA-SA-2023-2203
Software: python 2.7.5; OS: rosa-server79; packageevrstring: python-2.7.5-93.res7; CVE-ID: CVE-2023-24329; BDU-ID: None; CVE-Crit: HIGH; CVE-DESC.: A problem in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blacklisting methods by providing a URL that starts with empty...
The vulnerability of the Envoy proxy server stems from a lack of mechanisms for encoding or filtering output data, allowing attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Envoy proxy server is related to the lack of mechanisms for encoding or filtering output data. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...
PT-2023-3904 · Envoy · Envoy
Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.27.0; Envoy versions prior to 1.26.4; Envoy versions prior to 1.25.9; Envoy versions prior to 1.24.10; Envoy versions prior to 1.23.12. Description: The issue is related to a lack of output encoding or escaping mechanism ...
Froxlor Command Execution Vulnerability
Froxlor is a set of lightweight server management software from the Froxlor team. A command execution vulnerability exists in versions prior to froxlor 2.0.21 that stems from an output encoding or escaping error. An attacker can exploit the vulnerability to cause command execution...
Input validation
Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21...
Froxlor Security Vulnerability
Froxlor is a set of lightweight server management software from the Froxlor team. A command execution vulnerability exists in versions prior to froxlor 2.0.21 that stems from an output encoding or escaping error. An attacker can exploit the vulnerability to cause command execution...
GHSA-2CV5-QVQ3-6276 TeamPass vulnerable to Improper Encoding or Escaping of Output
TeamPass prior to 3.0.10 is vulnerable to cross-site scripting filter bypass in folder names. This can lead to information disclosure...
TeamPass vulnerable to Improper Encoding or Escaping of Output
TeamPass prior to 3.0.10 is vulnerable to cross-site scripting filter bypass in folder names. This can lead to information disclosure...
Stored XSS
Description: The application contains a stored XSS vulnerability, which allows an attacker to inject and execute malicious scripts within the application. The vulnerability occurs due to improper input validation and output encoding mechanisms, which fail to adequately sanitize and encode...
CVE-2023-28800 Output encoding missing in redrurl parameter
When using local accounts for administration, the redirect URL parameter was not encoded correctly, allowing for an XSS attack providing admin login...
CVE-2023-3190
Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9...
TeamPass Security Vulnerability
TeamPass is an open source password manager from the individual developer Nils Laumaillé. A security vulnerability exists in versions prior to TeamPass 3.0.9 that stems from improper encoding or escaping of output...
CVE-2023-3190 Improper Encoding or Escaping of Output in nilsteampassnet/teampass
Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9...