1616 matches found
EU Cookie Law <= 3.1.6 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. 1. Enter the setting page of this plugin. 2. In t...
CVE-2022-39304
A flaw was found in ghinstallation. When a request to refresh an installation token fails, the HTTP request and response are returned for debugging. The returned request contains the short-lived 10-min maximum bearer JWT for the app and is returned back to clients...
Link Library < 7.4.1 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. 1. Install the plugin and go to:...
DEBIAN-CVE-2022-3033
If a Thunderbird user replied to a crafted HTML email containing a meta tag, with the meta tag having the http-equiv="refresh" attribute, and the content attribute specifying an URL, then Thunderbird started a network request to that URL, regardless of the configuration to block remote content. I...
Information Disclosure
github.com/bradleyfalzon/ghinstallation is vulnerable to information disclosure. The vulnerability exists in the refreshToken function of transport.go, when the request to refresh an installation token fails, it allows an attacker to gain sensitive information through the error message...
ghinstallation 安全漏洞
ghinstallation is a library for Bradley Falzon Personal Developers. Authentication is performed as an installation workflow. A security vulnerability exists in ghinstallation versions prior to 2.0.0, which stems from a short-lived token that returns an HTTP request and response for debugging when...
PT-2022-24887 · Unknown · Ghinstallation
Name of the Vulnerable Software and Affected Versions: ghinstallation versions 1 through 1 ghinstallation version 2.0.0 is not affected as it contains the fix for the issue. Description: The issue concerns ghinstallation, which provides transport implementing http.RoundTripper for authentication ...
keycloak: Session takeover with OIDC offline refreshtokens
A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...
keycloak: Session takeover with OIDC offline refreshtokens
A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...
keycloak: Session takeover with OIDC offline refreshtokens
A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...
Description of the security update for SharePoint Server 2019: December 13, 2022 (KB5002311)
Description of the security update for SharePoint Server 2019: December 13, 2022 KB5002311 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common...
Security Bulletin: A security vulnerability has been identified in IBM® SDK, Java™ Technology Edition shipped with IBM Tivoli Business Service Manager (CVE-2022-3676)
Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about a security vulnerability affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-3676 DESCRIPTION:...
Sliderby10Web < 1.2.53 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. Go to "Slider » Sliders" and edit one of...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect TLB refresh issue in the GPU i915 kernel driver, which could lead to random memory corruption o...
postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names
A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow implementation from PGSQL...
CVE-2022-3916
A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...
Red Hat Keycloak 代码问题漏洞
Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. A security vulnerability exists in Red Hat Keycloak offlineaccess, which stems from a lack of root session authentication and reuse of session...
Analytics for WP <= 1.5.1 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. 1. In the Settings page of this plugin, in the bo...
reCAPTCHA <= 1.6 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. On the setting page of this plugin, enter...
CVE-2020-15853
supybot-fedora implements the command 'refresh', that refreshes the cache of all users from FAS. This takes quite a while to run, and zodbot stops responding to requests during this time...