28 matches found
EUVD-2021-15696
Malware in sbrugna...
EUVD-2019-16941
Malware in sbrugna...
EUVD-2025-8607
Malicious code in bioql PyPI...
CVE-2025-31440
Cross-Site Request Forgery CSRF vulnerability in Strategy11 Team Terms of Use terms-of-use-2 allows Stored XSS.This issue affects Terms of Use: from n/a through = 2.0...
WordPress Terms of Use plugin <= 2.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross Site Request Forgery CSRF to Stored XSS vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin Terms of Use versions = 2.0...
CVE-2025-31440
Cross-Site Request Forgery CSRF vulnerability in Strategy11 Team Terms of Use terms-of-use-2 allows Stored XSS.This issue affects Terms of Use: from n/a through = 2.0...
CVE-2025-31440 WordPress Terms of Use plugin <= 2.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Strategy11 Team Terms of Use allows Stored XSS. This issue affects Terms of Use: from n/a through 2.0...
CVE-2025-31440 WordPress Terms of Use plugin <= 2.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Strategy11 Team Terms of Use terms-of-use-2 allows Stored XSS.This issue affects Terms of Use: from n/a through = 2.0...
WordPress plugin Terms of Use 跨站请求伪造漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists ...
Mozilla Tweaks Firefox Terms After Uproar Over Data Use Language
Firefox's new Terms of Use spark user backlash over data rights. Learn how Mozilla responded to concerns about…...
Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language
Firefox browser maker Mozilla on Friday updated its Terms of Use a second time within a week following criticism overbroad language that appeared to give the company the rights to all information uploaded by users. The revised Terms of Use now states - You give Mozilla the rights necessary to...
CVE-2024-28442
Directory Traversal vulnerability in Yealink VP59 v.91.15.0.118 allows a physically proximate attacker to obtain sensitive information via terms of use function in the company portal component...
YeaLink VP59 安全漏洞
YeaLink VP59 is a flagship smart video phone from China YeaLink YeaLink. A security vulnerability exists in YeaLink VP59 version v.91.15.0.118, which originates from a vulnerability that allows an attacker to gain access to sensitive information via the terms of use feature in the company portal...
Cross-Site Request Forgery (CSRF)
liferay.portal is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability exists due to insufficient validation of requests in the terms of use page within Liferay Portal, which can be exploited by remote attackers through social engineering, enticing users to visit a malicious page and...
Liferay Portal and Liferay DXP Vulnerable to Cross-Site Request Forgery in Terms of Use Page
Cross-Site Request Forgery CSRF vulnerability in the terms of use page in the implementation for the portal services package before 5.25.0 from Liferay Portal before 7.3.6, and Liferay DXP 7.3 before service pack 1, 7.2 before fix pack 11 allows remote attackers to accept the site's terms of use...
GHSA-MH9R-9PCX-RX55 Liferay Portal and Liferay DXP Vulnerable to Cross-Site Request Forgery in Terms of Use Page
Cross-Site Request Forgery CSRF vulnerability in the terms of use page in the implementation for the portal services package before 5.25.0 from Liferay Portal before 7.3.6, and Liferay DXP 7.3 before service pack 1, 7.2 before fix pack 11 allows remote attackers to accept the site's terms of use...
Liferay Portal and Liferay DXP Security Vulnerabilities
Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...
CVE-2021-29050
Cross-Site Request Forgery CSRF vulnerability in the terms of use page in Liferay Portal before 7.3.6, and Liferay DXP 7.3 before service pack 1, 7.2 before fix pack 11 allows remote attackers to accept the site's terms of use via social engineering and enticing the user to visit a malicious page...
CVE-2021-29050
CVE-2021-29050 describes a Cross-Site Request Forgery (CSRF) in the terms of use page of Liferay Portal prior to 7.3.6 and Liferay DXP 7.3 before SP1, and 7.2 before FP-11.** The underlying issue** is insufficient validation on the terms-of-use acceptance flow, enabling remote attackers to trick ...
PT-2024-10916 · Liferay · Liferay Dxp +1
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions prior to 7.3.6 Liferay DXP 7.3 before service pack 1 Liferay DXP 7.2 before fix pack 11 Description: A Cross-Site Request Forgery CSRF issue exists in the terms of use page, allowing remote attackers to accept the site...