CVE-2023-31868

Sage X3 version 12.14.0.50-0 is vulnerable to Cross Site Scripting XSS. Some parts of the Web application are dynamically built using user's inputs. Yet, those inputs are not verified nor filtered by the application, so they mathed the expected format. Therefore, when HTML/JavaScript code is...

EUVD-2020-28516

Malware in sbrugna...

EUVD-2020-28515

Malware in sbrugna...

EUVD-2023-36157

Malicious code in bioql PyPI...

EUVD-2023-36158

Malicious code in bioql PyPI...

CVE-2023-31867

Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection...

Sage X3 AdxAdmin Login Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/loginscanner/x3' require 'metasploit/framework/credentialcollection' class MetasploitModule 'Sage X3 AdxAdmin Login Scanner', 'Description'...

The vulnerability of the Sage X3 business automation system, related to the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the Sage X3 enterprise automation system lies in the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out cross-site scripting attacks using a specially created link...

CVE-2023-31867

Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection...

CVE-2023-31868

Sage X3 version 12.14.0.50-0 is vulnerable to Cross Site Scripting XSS. Some parts of the Web application are dynamically built using user's inputs. Yet, those inputs are not verified nor filtered by the application, so they mathed the expected format. Therefore, when HTML/JavaScript code is...

CVE-2023-31867

Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection...

CVE-2023-31868

Sage X3 version 12.14.0.50-0 is vulnerable to Cross Site Scripting XSS. Some parts of the Web application are dynamically built using user's inputs. Yet, those inputs are not verified nor filtered by the application, so they mathed the expected format. Therefore, when HTML/JavaScript code is...

Cross site scripting

Sage X3 version 12.14.0.50-0 is vulnerable to Cross Site Scripting XSS. Some parts of the Web application are dynamically built using user's inputs. Yet, those inputs are not verified nor filtered by the application, so they mathed the expected format. Therefore, when HTML/JavaScript code is...

Input validation

Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection...

CVE-2023-31868

Sage X3 version 12.14.0.50-0 is vulnerable to Cross Site Scripting XSS. Some parts of the Web application are dynamically built using user's inputs. Yet, those inputs are not verified nor filtered by the application, so they mathed the expected format. Therefore, when HTML/JavaScript code is...

CVE-2023-31867

Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection...

Sage Group Sage X3 跨站脚本漏洞

Sage Group Sage X3 is a software application from Sage Group UK. An enterprise resource planning ERP product developed for mature organizations. A security vulnerability exists in Sage X3 version 12.14.0.50-0, which arises from the fact that portions of the web application are dynamically...

CVE-2023-31868

CVE-2023-31868 concerns Sage X3 Web, version 12.14.0.50-0, with cross-site scripting (XSS) via unsanitized user input in parts of the web app that are dynamically built. The vulnerability is triggered when HTML/JavaScript code is injected into input fields that are not validated/filtered, and suc...

CVE-2023-31867

Sage X3 v12.14.0.50-0 is documented as vulnerable to CSV injection. The issue affects the Sage X3 software, with the root cause described in connected records as related to input validation (per PRION entry). The CVE entry notes CSV injection as the vulnerability, and Red Hat/CNNVD/NVD references...

CVE-2023-31867

Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection...