Lucene search
K

4 matches found

CVE
CVE
added 2025/02/27 12:39 p.m.50 views

CVE-2025-1693

Summary: CVE-2025-1693 affects the MongoDB Shell (mongosh) prior to version 2.3.9. When mongosh is connected to a cluster that is partially or fully under an attacker’s control, an attacker can inject control characters into the shell output, potentially causing falsified messages that appear to ...

6.8CVSS7.1AI score0.00194EPSS
Exploits0References1Affected Software1
MongoDB
MongoDB
added 2025/02/27 12:35 p.m.19 views

MongoDB Shell may be susceptible to control character injection via pasting

The MongoDB Shell may be susceptible to control character injection where an attacker with control of the user’s clipboard could manipulate them to paste text into mongosh that evaluates arbitrary code. Control characters in the pasted text can be used to obfuscate malicious code. This issue...

8.8CVSS7.2AI score0.00224EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/02/11 12:0 a.m.6 views

PT-2023-16522 · Cockpit · Cockpit

Name of the Vulnerable Software and Affected Versions: cockpit versions prior to 2.3.9 Description: The issue is related to improper restriction of rendered UI layers or frames. Recommendations: For versions prior to 2.3.9, update to version 2.3.9 or later to resolve the issue...

5.4CVSS4.3AI score0.00373EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2022/07/25 12:0 a.m.10 views

PT-2022-15403 · WordPress · Request A Quote

Name of the Vulnerable Software and Affected Versions: Request a Quote WordPress plugin versions prior to 2.3.9 Description: The issue allows high privilege users, such as admins, to perform cross-Site Scripting attacks due to the lack of sanitization and escaping of some settings, even when the...

4.8CVSS4.7AI score0.00532EPSS
Exploits2References5
Rows per page
Query Builder