3009 matches found

CNVD
added 2018/10/16 12:0 a.m., views: 1

Palo Alto Networks PAN-OS Cross-Site Scripting Vulnerability (CNVD-2018-21185)

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A cross-site scripting vulnerability in the GlobalProtect Portal Login page in versions of Palo Alto Networks PAN-OS prior to 8.1.4 can be exploited by remote attackers to inject...

CVSS 6.1, AI score 6.2, EPSS 0.44152
Exploits: 0, References: 1

Tenable Nessus
added 2018/09/27 12:0 a.m., views: 32

EulerOS 2.0 SP3 : mutt (EulerOS-SA-2018-1305)

According to the versions of the mutt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - mutt: Remote code injection vulnerability to an IMAP mailbox CVE-2018-14354 - mutt: Remote Code Execution via backquote characters CVE-2018-14357 -...

CVSS 9.8, AI score 7.9, EPSS 0.0253
Exploits: 0, References: 4

Tenable Nessus
added 2018/09/27 12:0 a.m., views: 37

EulerOS 2.0 SP2 : mutt (EulerOS-SA-2018-1304)

According to the versions of the mutt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - mutt: Remote code injection vulnerability to an IMAP mailbox CVE-2018-14354 - mutt: Remote Code Execution via backquote characters CVE-2018-14357 -...

CVSS 9.8, AI score 7.9, EPSS 0.0253
Exploits: 0, References: 4

CNVD
added 2018/09/26 12:0 a.m., views: 1

IBM Rational Engineering Lifecycle Manager Cross-Site Scripting Vulnerability (CNVD-2018-20088)

IBM Rational Engineering Lifecycle Manager is a suite of engineering lifecycle management software from IBM in the United States. A cross-site scripting vulnerability exists in IBM Rational Engineering Lifecycle Manager versions 5.0 through 5.02 and 6.0 through 6.0.6. A remote attacker can exploi...

CVSS 5.4, AI score 5.6, EPSS 0.00111
Exploits: 0, References: 1

CNVD
added 2018/09/25 12:0 a.m., views: 1

Subsonic cross-site scripting vulnerability (CNVD-2018-20096)

Subsonic is a media file hosting platform developed and maintained by software developer Sindre Mehus. A cross-site scripting vulnerability exists in the settings of the translation code in Subsonic version 6.1.1. A remote attacker can exploit the vulnerability by sending multiple parameters to t...

CVSS 6.1, AI score 6.2, EPSS 0.0024
Exploits: 1, References: 1

CNVD
added 2018/09/21 12:0 a.m., views: 1

CuppaCMS Cross-Site Scripting Vulnerability

CuppaCMS is a content management system (CMS). A cross-site scripting vulnerability exists in CuppaCMS 2018-09-03 and prior versions. A remote attacker can exploit the vulnerability by sending the 'section' parameter to the administrator//component/tablemanager/view/cumenus URL to inject malicious...

CVSS 4.8, AI score 5.1, EPSS 0.00295
Exploits: 1, References: 1

OSV
added 2018/09/19 12:0 a.m., views: 1

UBUNTU-CVE-2018-17183

Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code...

CVSS 7.8, AI score 7.2, EPSS 0.00351
Exploits: 0, References: 3

UbuntuCve
added 2018/09/19 12:0 a.m., views: 26

CVE-2018-17183

Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code...

CVSS 7.8, AI score 6.9, EPSS 0.00351
Exploits: 0, References: 2

OSV
added 2018/09/17 9:57 p.m., views: 6

GHSA-QC8J-M8J3-RJQ6 Moderate severity vulnerability that affects rails-html-sanitizer

Withdrawn, accidental duplicate publish. Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via crafted tag attributes...

CVSS 6.1, AI score 6.1, EPSS 0.00166
Exploits: 0, References: 2

Prion
added 2018/09/10 11:29 p.m., views: 17

Design/Logic Flaw

In b3log Solo 2.9.3, XSS in the Input page under the Publish Articles menu, with an ID of linkAddress stored in the link JSON field, allows remote attackers to inject arbitrary Web scripts or HTML via a crafted site name provided by an administrator...

CVSS 3.5, AI score 4.8, EPSS 0.00159
Exploits: 0, References: 1, Affected Software: 1

Cent OS
added 2018/08/21 12:49 a.m., views: 577

mutt security update

CentOS Errata and Security Advisory CESA-2018:2526. An update for mutt is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, whi...

CVSS 9.8, AI score 7.1, EPSS 0.0253
Exploits: 0, References: 7

OpenVAS
added 2018/08/21 12:0 a.m., views: 29

CentOS Update for mutt CESA-2018:2526 centos7

Check the version of mutt. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. if(description) { script_oid("1.3.6.1.4.1.25623.1.0.882938");...

CVSS 9.8, AI score 9.7, EPSS 0.0253
Exploits: 0, References: 2

Tenable Nessus
added 2018/08/21 12:0 a.m., views: 35

Oracle Linux 6 / 7 : mutt (ELSA-2018-2526)

The remote Oracle Linux 6 / 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2018-2526 advisory. 5:1.5.21-28 - Resolves: CVE-2018-14354 CVE-2018-14357 CVE-2018-14362 Tenable has extracted the preceding description block directly from the Oracle...

CVSS 9.8, AI score 7.7, EPSS 0.0253
Exploits: 0, References: 4

Tenable Nessus
added 2018/08/21 12:0 a.m., views: 27

CentOS 6 / 7 : mutt (CESA-2018:2526)

An update for mutt is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available f...

CVSS 9.8, AI score 7.9, EPSS 0.0253
Exploits: 0, References: 5

RedHat Linux
added 2018/08/20 4:10 p.m., views: 2

mutt: Remote code injection vulnerability to an IMAP mailbox

No description is available for this CVE...

CVSS 9.8, AI score 7.3, EPSS 0.0253
Exploits: 0, References: 4

RedHat Linux
added 2018/08/20 4:10 p.m., views: 91

Important: Red Hat Security Advisory: mutt security update

An update for mutt is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available f...

CVSS 9.8, AI score 7.1, EPSS 0.0253
Exploits: 0, References: 4

Tenable Nessus
added 2018/08/20 12:0 a.m., views: 25

RHEL 6 / 7 : mutt (RHSA-2018:2526)

The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:2526 advisory. Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and...

CVSS 9.8, AI score 8, EPSS 0.0253
Exploits: 0, References: 8

Prion
added 2018/08/03 6:29 p.m., views: 17

Cross site scripting

A cross-site scripting (XSS) vulnerability in the View Filters page (view_filters_page.php) in MantisBT 2.1.0 through 2.15.0 allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted PATH_INFO...

CVSS 4.3, AI score 5.1, EPSS 0.00349
Exploits: 1, References: 3, Affected Software: 1

CVE
added 2018/08/03 6:0 p.m., views: 52

CVE-2018-13055

CVE-2018-13055 family (MantisBT) : The cross‑site scripting flaw affects MantisBT 2.1.0–2.15.0 (and related advisories) via PATH_INFO on the View Filters page (view_filters_page.php) and related Edit Filter paths, caused by an incomplete fix for this issue. Connected entries reiterate the same XS...

CVSS 6.1, AI score 5.1, EPSS 0.00349
Exploits: 1, References: 3, Affected Software: 1

OSV
added 2018/07/23 8:29 a.m., views: 11

CVE-2018-14513

An XSS vulnerability was discovered in WUZHI CMS 4.1.0. There is persistent XSS that allows remote attackers to inject arbitrary web script or HTML via the formcontent parameter to the index.php?m=feedback&f=index&v=contact URI...

CVSS 6.1, AI score 5.9
Exploits: 0, References: 1