EUVD-2014-8160

Malware in sbrugna...

EUVD-2024-49773

Malicious code in bioql PyPI...

Drupal Open Social module < 12.3.11,12.4.0-12.4.9 - Unauthenticated Multiple Vulnerabilities vulnerability

Unauthenticated Multiple Vulnerabilities vulnerability discovered by Robert Ragas robertragas in WordPress Module Open Social versions 12.3.11,12.4.0-12.4.9...

Drupal Open Social module 11.8.0-12.3.9,12.4.0-12.4.8 - Unauthenticated Broken Access Control vulnerability

Unauthenticated Broken Access Control vulnerability discovered by corn696 in WordPress Module Open Social versions 11.8.0-12.3.9,12.4.0-12.4.8...

CVE-2024-9174

Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows authenticated user to spoof UI...

CVE-2024-9174

Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows authenticated user to spoof UI...

CVE-2024-9174 Stored HTML Injection in Hubshare social module

Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows authenticated user to spoof UI...

CVE-2024-9174 Stored HTML Injection in Hubshare social module

Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows authenticated user to spoof UI...

CVE-2024-9174

CVE-2024-9174 affects M-Files Hubshare (Social Module) prior to version 5.0.8.6. It is a stored HTML injection vulnerability that allows an authenticated user to spoof the UI. Root cause: HTML injection in the Social Module; impact includes UI spoofing. The PT-Security advisory corroborates the a...

PT-2024-39472 · M Files · M-Files Hubshare

Name of the Vulnerable Software and Affected Versions: M-Files Hubshare versions prior to 5.0.8.6 Description: The issue allows an authenticated user to spoof the UI through stored HTML injection in the Social Module. Recommendations: For versions prior to 5.0.8.6, update to version 5.0.8.6 or...

Drupal Open Social module < 12.3.8,12.4.0-12.4.4,13.0.0-13.0.0-alpha10 - Authenticated Multiple Vulnerabilities

Authenticated Multiple Vulnerabilities discovered by Thiago Régis in WordPress Module Open Social versions 12.3.8,12.4.0-12.4.4,13.0.0-13.0.0-alpha10...

Drupal Open Social module < 12.3.8,12.4.0-12.4.4,13.0.0-13.0.0-alpha10 - Unauthenticated Denial of Service Attack vulnerability

Unauthenticated Denial of Service Attack vulnerability discovered by vnech in WordPress Module Open Social versions 12.3.8,12.4.0-12.4.4,13.0.0-13.0.0-alpha10...

CVE-2024-5142

Stored Cross-Site Scripting vulnerability in Social Module in M-Files Hubshare before version 5.0.6.0 allows authenticated attacker to run scripts in other users browser...

CVE-2024-5142

Stored Cross-Site Scripting vulnerability in Social Module in M-Files Hubshare before version 5.0.6.0 allows authenticated attacker to run scripts in other users browser...

CVE-2024-5142 XSS in Hubshare's social module

Stored Cross-Site Scripting vulnerability in Social Module in M-Files Hubshare before version 5.0.6.0 allows authenticated attacker to run scripts in other users browser...

PT-2024-34626

Name of the Vulnerable Software and Affected Versions M-Files Hubshare versions prior to 5.0.6.0 Description The issue allows an authenticated attacker to run scripts in other users' browsers due to a Stored Cross-Site Scripting vulnerability in the Social Module. Recommendations For versions pri...

CVE-2014-8319

Cross-site scripting XSS vulnerability in the easysocialadminsummary function in the Easy Social module 7.x-2.x before 7.x-2.11 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a block title...

Cross site scripting

Cross-site scripting XSS vulnerability in the easysocialadminsummary function in the Easy Social module 7.x-2.x before 7.x-2.11 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a block title...

CVE-2014-8319

CVE-2014-8319 describes a cross-site scripting (XSS) vulnerability in the Drupal Easy Social module (version 7.x-2.x prior to 7.x-2.11). The issue arises from insufficient validation of block titles when users create a custom block via the module’s admin interface, allowing remote authenticated u...

CVE-2012-2117

Cross-site scripting XSS vulnerability in the Gigya - Social optimization module 6.x before 6.x-3.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...