CVE-2018-1000874

PHP cebe markdown parser version 1.2.0 and earlier contains a Cross Site Scripting XSS vulnerability in all distributed parsers allowing a malicious crafted script to be executed that can result in the lose of user data and sensitive user information. This attack can be exploited by crafting a...

CVE-2018-1000874

PHP cebe markdown parser version 1.2.0 and earlier contains a Cross Site Scripting XSS vulnerability in all distributed parsers allowing a malicious crafted script to be executed that can result in the lose of user data and sensitive user information. This attack can be exploited by crafting a...

Cumulative Update 38 for Microsoft Dynamics NAV 2016 (Build 50785)

Cumulative Update 38 for Microsoft Dynamics NAV 2016 Build 50785 This article applies to Microsoft Dynamics NAV 2016 for all countries and all language locales. Overview This cumulative update includes all hotfixes and regulatory features that have been released for Microsoft Dynamics NAV 2016,...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise (CVE-2018-1777)

Summary WebSphere Application Server is shipped as a component of IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. Information about a potential cross-site scripting security vulnerability affecting IBM WebSphere Application Server Traditional has been published in a security bulleti...

SUSE-SU-2018:3771-2 Security update for squid

This update for squid fixes the following issues: Security issues fixed: - CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling bsc1113668. - CVE-2018-19132: Fixed small memory leak in processing of SNMP packets bsc1113669. Non-security issues fixed: - Create runtime...

siciliafan.it XSS vulnerability

Open Bug Bounty ID: OBB-706472 Description| Value ---|--- Affected Website:| siciliafan.it Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

hotel-aubergemetzger.com XSS vulnerability

Open Bug Bounty ID: OBB-706208 Description| Value ---|--- Affected Website:| hotel-aubergemetzger.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:...

highlights.guru XSS vulnerability

Open Bug Bounty ID: OBB-703675 Description| Value ---|--- Affected Website:| highlights.guru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden...

watanabephoto.studio XSS vulnerability

Open Bug Bounty ID: OBB-701654 Description| Value ---|--- Affected Website:| watanabephoto.studio Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...

SUSE-SU-2018:3786-1 Security update for squid

This update for squid fixes the following issues: Security issues fixed: - CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling bsc1113668. - CVE-2018-19132: Fixed small memory leak in processing of SNMP packets bsc1113669. Non-security issues fixed: - Create runtime...

SUSE-SU-2018:3790-1 Security update for squid3

This update for squid3 fixes the following issues: Security issue fixed: - CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling bsc1113668...

2938.ir XSS vulnerability

Open Bug Bounty ID: OBB-698683 Description| Value ---|--- Affected Website:| 2938.ir Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden until...

Chakra Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge HTML-based. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who...

hmark.com XSS vulnerability

Open Bug Bounty ID: OBB-697497 Description| Value ---|--- Affected Website:| hmark.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden until...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Case Manager (CVE-2018-1794)

Summary IBM WebSphere Application Server is shipped as a component of IBM Case Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Security Bulletin:...

GHSA-79MX-88W7-8F7Q XSS Filter Bypass via Encoded URL in validator

Versions of validator prior to 2.0.0 contained an xss filter method that is affected by several filter bypasses. This may result in a cross-site scripting vulnerability. Proof of Concept The xss function removes the word "javascript" when contained inside an attribute. However, it does not proper...

jQuery 1.4.0 < 1.12.0 Cross-Site Scripting

According to its self-reported version number, jQuery is at least 1.4.0 and prior to 1.12.0 or at least 1.12.4 and prior to 3.0.0-beta1. Therefore, it may be affected by a cross-site scripting vulnerability due to cross-domain ajax request performed without the dataType. Note that the scanner has...

stofflexikon.com XSS vulnerability

Open Bug Bounty ID: OBB-694034 Description| Value ---|--- Affected Website:| stofflexikon.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden...

cksl.co XSS vulnerability

Open Bug Bounty ID: OBB-693455 Description| Value ---|--- Affected Website:| cksl.co Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden until...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Security Identity Manager (CVE-2018-1793)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Security Identity Manager ISIM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin...