angelo-cremona.com Cross Site Scripting vulnerability

Security Researcher Zodx Helped patch 35 vulnerabilities Received 1 Coordinated Disclosure badges , a holder of 1 badges for responsible and coordinated disclosure, found a security vulnerability affecting angelo-cremona.com website and its users. Following coordinated and responsible vulnerabili...

climatecentre.org Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1093888 Security Researcher CityBoy Helped patch 96 vulnerabilities Received 3 Coordinated Disclosure badges Received 1 recommendations , a holder of 3 badges for responsible and coordinated disclosure, found a security vulnerability affecting climatecentre.org website and...

lexikon.immobilien-fachwissen.de Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1091821 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

PT-2020-15329 · Jenkins · Jenkins Brakeman Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Brakeman Plugin versions 0.12 and earlier Description: The issue is related to a stored cross-site scripting vulnerability. It occurs because the plugin does not escape values received from parsed JSON files when rendering them. This...

Security Bulletin: A security vulnerability has been identified in Websphere Application Server shipped with Predictive Customer Intelligence (CVE-2017-1121)

Summary Websphere Application Server is shipped with Predictive Customer Intelligence. Information about security vulnerabilities affecting Websphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Security Bulletin: Potenti...

Security Bulletin: Security vulnerabilities have been identified in Websphere Application Server shipped with Predictive Customer Intelligence (CVE-2017-1381, CVE-2017-1382, CVE-2017-1380)

Summary Websphere Application Server is shipped with Predictive Customer Intelligence. Information about security vulnerabilities affecting Websphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletins Security Bulletin:...

lechvizit.com.ua Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1085145 Security Researcher geeknik Helped patch 8815 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting lechvizit.com.ua website a...

partnerize.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1084966 Security Researcher k0t Helped patch 2151 vulnerabilities Received 9 Coordinated Disclosure badges Received 98 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting partnerize.com website and its...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server that is shipped with IBM Rational ClearQuest (CVE-2017-1380)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Rational ClearQuest. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

thegardenfloristlismore.com.au Cross Site Scripting vulnerability

Security Researcher metamorfosec Helped patch 1919 vulnerabilities Received 9 Coordinated Disclosure badges Received 31 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting thegardenfloristlismore.com.au website and its users...

shorelinechildrensdental.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1080041 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

CVE-2020-3758

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure...

Security Bulletin: Security Vulnerability Has Been Identified In WebSphere Application Server shipped with IBM Tivoli Federated Identity Manager (CVE-2019-4270)

Summary WebSphere Application Server is shipped with IBM Tivoli Federated Identity Manager. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletinss listed in the...

CVE-2019-20442

An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. A potential stored Cross-Site Scripting XSS vulnerability in roleToAuthorize has been identified in the registry UI...

bankinter.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1074782 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

jenkins: XSS vulnerability in Jenkins URL setting

Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not restrict or filter values set as Jenkins URL in the global configuration, resulting in a stored XSS vulnerability exploitable by attackers with Overall/Administer permission...

mediabank.visitstockholm.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1072244 Security Researcher RajWaghela8 Helped patch 23 vulnerabilities Received 1 Coordinated Disclosure badges , a holder of 1 badges for responsible and coordinated disclosure, found a security vulnerability affecting mediabank.visitstockholm.com website and its users...

CVE-2019-16466

Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure...

GHSA-8J72-P2WM-6738 Persistent XSS vulnerability in filename of attached file in PrivateBin

On 24th of December 2019 one of the property based unit tests reported a failure. Upon investigation, @elrido discovered that the failure was due to unescaped HTML, which allowed the user provided attachment file name to inject HTML under certain conditions leading to a persistent Cross-site...

franchising.bg Cross Site Scripting vulnerability

Security Researcher ImPRINCE Helped patch 122 vulnerabilities Received 3 Coordinated Disclosure badges , a holder of 3 badges for responsible and coordinated disclosure, found a security vulnerability affecting franchising.bg website and its users. Following coordinated and responsible...