5 matches found
EUVD-2021-32605
Malicious code in bioql PyPI...
CVE-2021-45889
An issue was discovered in PONTON X/P Messenger before 3.11.2. Several functions are vulnerable to reflected XSS, as demonstrated by private/index.jsp?partners/ShowNonLocalPartners.do?localID= or private/index.jsp or private/index.jsp?database/databaseTab.jsp or...
CVE-2021-45886
An issue was discovered in PONTON X/P Messenger before 3.11.2. Anti-CSRF tokens are globally valid, making the web application vulnerable to a weakened version of CSRF, where an arbitrary token of a low-privileged user such as operator can be used to confirm actions of higher-privileged ones such...
PONTON X/P Messenger Cross-Site Request Forgery Vulnerability
PONTON X/P Messenger is a highly configurable ebXML, AS/1, AS/2, AS/3 and AS/4 compliant messaging software from PONTON Germany. For example, xpadmin...
PONTON X/P Messenger Cross-Site Scripting Vulnerability
PONTON X/P Messenger is a highly configurable ebXML, AS/1, AS/2, AS/3 and AS/4 compliant messaging software from PONTON Germany. PONTON X/P Messenger is vulnerable to cross-site scripting that could be exploited by attackers to obtain sensitive user information and construct...