7 matches found
CVE-2025-9407 mtons mblog profile cross site scripting
A flaw has been found in mtons mblog up to 3.5.0. Affected by this vulnerability is an unknown functionality of the file /settings/profile. Executing manipulation of the argument signature can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and ma...
GHSA-9P8X-F768-WP2G xml-crypto Vulnerable to XML Signature Verification Bypass via Multiple SignedInfo References
Impact An attacker may be able to exploit this vulnerability to bypass authentication or authorization mechanisms in systems that rely on xml-crypto for verifying signed XML documents. The vulnerability allows an attacker to modify a valid signed XML message in a way that still passes signature...
SUSE CVE-2021-25636
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to...
PT-2021-6784 · Document Foundation +9 · Libreoffice +9
Name of the Vulnerable Software and Affected Versions: LibreOffice versions 7.2 prior to 7.2.5 Description: The issue is related to improper certificate validation in LibreOffice, allowing an attacker to create a digitally signed ODF document by manipulating the documentsignatures.xml or...
PT-2013-63: Hash Length Extension in HTMLPurifier
The specialists of the Positive Research center have detected a vulnerability in HTMLPurifier that allows attackers to carry out a "Hash Length Extension" attack.. Class HTMLPurifierURIFilterMunge implements a URI filter that replaces all links with a formatted URL, for example, it can be used to...
Microsoft .NET Framework 3.5 SP1 Security Update for Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB979916)
A security issue has been identified that could allow an attacker to tamper with digitally signed content without being detected, when this content is being consumed by an application that makes use of the Microsoft .NET Framework on a Windows-based system. You can help protect your computer by...
Microsoft .NET Framework 3.5 Security Update for Windows Server 2003 and Windows XP for x64-based Systems (KB982865)
A security issue has been identified that could allow an attacker to tamper with digitally signed content without being detected, when this content is being consumed by an application that makes use of the Microsoft .NET Framework on a Windows-based system. You can help protect your computer by...