Lucene search
K

104 matches found

Vulnrichment
Vulnrichment
added 2024/11/19 4:31 p.m.8 views

CVE-2024-51905 WordPress RSV PDF Preview plugin <= 1.0 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ravi & Suma RSV PDF Preview allows Stored XSS.This issue affects RSV PDF Preview: from n/a through 1.0...

6.5CVSS6.7AI score0.00302EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/19 4:31 p.m.32 views

CVE-2024-51905 WordPress RSV PDF Preview plugin <= 1.0 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ravi Kumar Vanukuru RSV PDF Preview rsv-pdf-preview allows Stored XSS.This issue affects RSV PDF Preview: from n/a through = 1.0...

6.5CVSS0.00302EPSS
Exploits0References1
CVE
CVE
added 2024/11/19 4:31 p.m.59 views

CVE-2024-51905

CVE-2024-51905 is a Stored XSS in the RSV PDF Preview WordPress plugin (versions 1.0 and earlier). Root cause: improper input neutralization during web page generation. Affected product: RSV PDF Preview (WordPress). Public sources indicate the issue affects RSV PDF Preview up to version 1.0 with ...

6.5CVSS7.2AI score0.00302EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.5 views

WordPress plugin RSV PDF Preview 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS7.4AI score0.00302EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/19 12:0 a.m.5 views

PT-2024-35037 · Unknown · Rsv Pdf Preview

Name of the Vulnerable Software and Affected Versions: RSV PDF Preview versions 1.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. Recommendations: For RSV PDF...

6.5CVSS5.8AI score0.00302EPSS
Exploits0References3
NVD
NVD
added 2024/11/18 11:15 p.m.26 views

CVE-2024-33231

Cross Site Scripting vulnerability in Ferozo Email version 1.1 allows a local attacker to execute arbitrary code via a crafted payload to the PDF preview component...

5.4CVSS0.00421EPSS
Exploits0References1
CVE
CVE
added 2024/11/18 12:0 a.m.54 views

CVE-2024-33231

CVE-2024-33231 concerns a Cross Site Scripting vulnerability in Ferozo Email 1.1 . The issue affects the PDF preview component and enables a local attacker to execute arbitrary code through a crafted payload. The public descriptions consistently identify the affected software and the PDF preview ...

5.4CVSS7AI score0.00421EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/18 12:0 a.m.22 views

CVE-2024-33231

Cross Site Scripting vulnerability in Ferozo Email version 1.1 allows a local attacker to execute arbitrary code via a crafted payload to the PDF preview component...

0.00421EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/18 12:0 a.m.5 views

Ferozo Email 安全漏洞

Ferozo Email is a powerful and simple hosting panel from Ferozo. A security vulnerability exists in Ferozo Email version 1.1, which stems from vulnerability to cross-site scripting attacks, where a local attacker can execute arbitrary code against the PDF Preview component via a crafted payload...

5.4CVSS6.5AI score0.00421EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/18 12:0 a.m.19 views

CVE-2024-33231

Cross Site Scripting vulnerability in Ferozo Email version 1.1 allows a local attacker to execute arbitrary code via a crafted payload to the PDF preview component...

7AI score0.00421EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.9 views

WordPress RSV PDF Preview Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software RSV PDF Preview Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51905 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 292589128a03 Credits SOPROBRO Required privilege Contributor...

6.5CVSS6.6AI score0.00302EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/07/19 9:15 a.m.37 views

CVE-2024-39457

Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser...

5.4CVSS0.00249EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/19 8:36 a.m.36 views

CVE-2024-39457

Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser...

0.00249EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/19 8:36 a.m.18 views

CVE-2024-39457

Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser...

6.2AI score0.00249EPSS
Exploits0References2
CVE
CVE
added 2024/07/19 8:36 a.m.73 views

CVE-2024-39457

Cybozu Garoon 6.0.0–6.0.1 contains a cross-site scripting (CWE-79) vulnerability in the PDF preview feature. If successfully exploited, an arbitrary script could execute in a logged-in user’s browser. Affected versions are 6.0.0 through 6.0.1. Remediation guidance observed across sources is to up...

5.4CVSS6.3AI score0.00249EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/19 12:0 a.m.3 views

PT-2024-28502 · Cybozu · Cybozu Garoon

Name of the Vulnerable Software and Affected Versions: Cybozu Garoon versions 6.0.0 through 6.0.1 Description: The issue is related to a cross-site scripting vulnerability in the PDF preview feature. If exploited, this could allow an arbitrary script to be executed on a logged-in user's web...

5.4CVSS6.7AI score0.00249EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/07/16 7:14 a.m.1 views

Cybozu Garoon vulnerable to cross-site scripting

Overview Cybozu Garoon provided by Cybozu, Inc. contains a cross-site scripting vulnerability in PDF preview CWE-79. Masato Kinugawa reported this vulnerability to Cybozu, Inc. and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN. Impact An arbitrary script may be...

7.4CVSS6AI score0.00249EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/07/16 12:0 a.m.21 views

JVN#74825766: Cybozu Garoon vulnerable to cross-site scripting

Cybozu Garoon provided by Cybozu, Inc. contains a cross-site scripting vulnerability in PDF preview CWE-79. Impact An arbitrary script may be executed on a logged-in user's web browser. Solution Update the Software Update the software to the latest version according to the information provided by...

5.4CVSS5.3AI score0.00249EPSS
Exploits0
Veracode
Veracode
added 2023/03/13 6:16 a.m.20 views

Stored Cross-Site Scripting (XSS)

pimcore is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to a lack of sanitization in pdfpreview.js, which allows an admin authenticated attacker to inject and execute arbitrary JavaScript into the browser through the author and title fields...

4.8CVSS6.4AI score0.00428EPSS
Exploits1References5Affected Software1
Securelist
Securelist
added 2017/08/31 11:0 a.m.58 views

Dissecting the Chrome Extension Facebook malware

It's been a few days since Kaspersky Lab's blog post about the Multi Platform Facebook malware that was spread through Facebook Messenger. At the same time as Kaspersky Lab were analyzing this threat, a few researchers where doing the same, including Frans Rosén, Security Advisor at Detectify...

6.9AI score
Exploits0
Rows per page
Query Builder