6714 matches found

Github Security Blog
added 2023/02/08 6:15 p.m., 15 views

Nervos CKB calculation of program load cycles may be missed when executing in resume mode

Impact: The calculation of program load cycles may be missed when executing in resume mode. Since the script execution order is now determined, this issue does not cause network splitting...

AI score: 2.1
Exploits: 0, References: 2, Affected Software: 1
RedHat Linux
added 2023/01/31 1:18 p.m., 3 views

bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy

A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting...

CVSS: 6.1, AI score: 6.8, EPSS: 0.04293
Exploits: 1, References: 4
RedHat Linux
added 2023/01/31 1:12 p.m., 3 views

bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy

A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting...

CVSS: 6.1, AI score: 6.8, EPSS: 0.04293
Exploits: 1, References: 4
Prion
added 2023/01/27 10:15 p.m., 14 views

Cross site scripting

A stored cross-site scripting (XSS) vulnerability in /index.php?page=help of Revenue Collection System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into sent messages...

CVSS: 4.9, AI score: 5.2, EPSS: 0.00513
Exploits: 1, References: 1, Affected Software: 1
CNNVD
added 2023/01/27 12:00 a.m., 3 views

Revenue Collection System cross-site scripting vulnerability

Revenue Collection System is a landed property billing and payment software by Carlo Montero Individual Developer. A security vulnerability exists in Revenue Collection System v1.0, which stems from its /index.php?page=help component that allows an attacker to execute arbitrary web script or HTML...

CVSS: 5.4, AI score: 6.1, EPSS: 0.00513
Exploits: 1, References: 3
CNNVD
added 2023/01/27 12:00 a.m., 1 view

OpenCats cross-site scripting vulnerability

OpenCats is an open source recruitment process management system. A security vulnerability exists in OpenCats v0.9.7, which stems from its /opencats/index.php?m=calendar component, where the Description or Title text field allows an attacker to inject a carefully...

CVSS: 5.4, AI score: 5.7, EPSS: 0.00516
Exploits: 1, References: 2
CNNVD
added 2023/01/27 12:00 a.m., 2 views

Piwigo cross-site scripting vulnerability

Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management. A security vulnerability exists in Piwigo v13.4.0, which stems from its identification.php component's manipulation of User-Agent that...

CVSS: 5.4, AI score: 5.6, EPSS: 0.00419
Exploits: 1, References: 2
Vulnrichment
added 2023/01/25 12:00 a.m., 6 views

CVE-2022-45730

A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search function...

AI score: 5.9, EPSS: 0.00503
Exploits: 0, References: 2
CVE
added 2023/01/25 12:00 a.m., 45 views

CVE-2022-46624

CVE-2022-46624 affects Online Graduate Tracer System v1.0.0 and is described as a cross-site scripting (XSS) vulnerability that allows an attacker to execute arbitrary web scripts or HTML through a crafted payload injected into the name parameter. Connected sources corroborate that the affected v...

CVSS: 6.1, AI score: 5.8, EPSS: 0.00488
Exploits: 0, References: 2, Affected Software: 1
Vulnrichment
added 2023/01/25 12:00 a.m., 7 views

CVE-2022-38758 XSS vulnerabilities in iManager

Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows an attacker to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL...

CVSS: 7.2, AI score: 6.5, EPSS: 0.00448
Exploits: 0, References: 1
Tenable Nessus
added 2023/01/25 12:00 a.m., 28 views

AlmaLinux 9 : libreoffice (ALSA-2023:0304)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0304 advisory. - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme...

CVSS: 8.8, AI score: 7.8, EPSS: 0.04354
Exploits: 0, References: 5
Japan Vulnerability Notes
added 2023/01/24 7:00 a.m., 1 view

EasyMail vulnerable to cross-site scripting

Overview: EasyMail provided by First Net Japan Inc. contains a stored cross-site scripting vulnerability (CWE-79). Toyama Taku reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact: An arbitrary script may be executed...

CVSS: 6.1, AI score: 5.8, EPSS: 0.00508
Exploits: 0, References: 5
CNNVD
added 2023/01/24 12:00 a.m., 2 views

EasyMail cross-site scripting vulnerability

First Net Japan EasyMail is a PHP-developed free email form CMS from First Net Japan. A security vulnerability exists in EasyMail 2.00.130 and earlier versions, which is caused by the presence of stored cross-site scripting that may execute arbitrary script on the browser of a user accessing a...

CVSS: 6.1, AI score: 6.2, EPSS: 0.00508
Exploits: 0, References: 4
Oracle linux
added 2023/01/24 12:00 a.m., 103 views

libreoffice security update

7.1.8.1-8.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:7.1.8.1-8 - Resolves: rhbz2134759 Untrusted Macros - Resolves: rhbz2134757 Weak Master Keys - Resolves: rhbz2134755 Static...

CVSS: 8.8, AI score: 3.8, EPSS: 0.04354
Exploits: 0
Tenable Nessus
added 2023/01/24 12:00 a.m., 27 views

Oracle Linux 9 : libreoffice (ELSA-2023-0304)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0304 advisory. 7.1.8.1-8.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option...

CVSS: 8.8, AI score: 7.4, EPSS: 0.04354
Exploits: 0, References: 5
Tenable Nessus
added 2023/01/23 12:00 a.m., 35 views

RHEL 9 : libreoffice (RHSA-2023:0304)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0304 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor...

CVSS: 8.8, AI score: 7.6, EPSS: 0.04354
Exploits: 0, References: 11
AlmaLinux
added 2023/01/23 12:00 a.m., 26 views

Moderate: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

CVSS: 8.8, AI score: 8, EPSS: 0.04354
Exploits: 0, References: 10
Vulnrichment
added 2023/01/20 12:00 a.m., 3 views

CVE-2022-41441

Multiple cross-site scripting (XSS) vulnerabilities in ReQlogic v11.3 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the POBatch and WaitDuration parameters...

AI score: 6.2, EPSS: 0.05302
Exploits: 3, References: 4
Oracle linux
added 2023/01/18 12:00 a.m., 69 views

libreoffice security update

6.4.7.2-12.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:6.4.7.2-12 - Resolves: rhbz2134752 CVE-2022-26305 Untrusted Macros - Resolves: rhbz2134751 CVE-2022-26307 Weak Master Keys -...

CVSS: 8.8, AI score: 3.8, EPSS: 0.04354
Exploits: 0
Tenable Nessus
added 2023/01/18 12:00 a.m., 20 views

Oracle Linux 8 : libreoffice (ELSA-2023-0089)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0089 advisory. - Resolves: rhbz2134752 CVE-2022-26305 Untrusted Macros - Resolves: rhbz2134751 CVE-2022-26307 Weak Master Keys - Resolves: rhbz2134750 CVE-2022-26306...

CVSS: 8.8, AI score: 7.1, EPSS: 0.04354
Exploits: 0, References: 5