Malicious code in tradingview-desktop (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-3154 Malicious code in tradingview-desktop (npm)

--- -= Per source details. Do not edit below this line.=-...

CVE-2024-32536

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Trade Pips WP TradingView allows Stored XSS.This issue affects WP TradingView: from n/a through 1.7...

CVE-2024-32536

CVE-2024-32536 corresponds to a stored XSS in WordPress WP TradingView plugin. The vulnerability is described as improper neutralization of input during web page generation and affects WP TradingView from an unknown prior version up to 1.7. The connected sources indicate this CVE has not been pub...

CVE-2024-32536 WordPress WP TradingView plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Trade Pips WP TradingView allows Stored XSS.This issue affects WP TradingView: from n/a through 1.7...

CVE-2024-32536 WordPress WP TradingView plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Trade Pips WP TradingView allows Stored XSS.This issue affects WP TradingView: from n/a through 1.7...

WordPress Plugin WP TradingView 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-24656 · WordPress · Wp Tradingview

Name of the Vulnerable Software and Affected Versions: WP TradingView versions 1.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. Recommendations: For WP...

WordPress WP TradingView plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin WP TradingView versions = 1.7...

WordPress WP TradingView Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)

Software WP TradingView Type Plugin Vulnerable versions = 1.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32536 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6fd1b449cadd Credits Majed Refaea Required privilege Contributor...

Atomic Stealer Gets an Upgrade - Targeting Mac Users with Encrypted Payload

Cybersecurity researchers have identified an updated version of a macOS information stealer called Atomic or AMOS, indicating that the threat actors behind the malware are actively enhancing its capabilities. "It looks like Atomic Stealer was updated around mid to late December 2023, where its...

Mac Users Beware: Malvertising Campaign Spreads Atomic Stealer macOS Malware

A new malvertising campaign has been observed distributing an updated version of a macOS stealer malware called Atomic Stealer or AMOS, indicating that it's being actively maintained by its author. An off-the-shelf Golang malware available for $1,000 per month, Atomic Stealer first came to light ...

CVE-2022-31487

Inout Blockchain AltExchanger 1.2.1 and Inout Blockchain FiatExchanger 2.2.1 allow Chart/TradingView/chartcontent/master.php symbol SQL injection...

CVE-2022-31487

CVE-2022-31487 affects Inout Blockchain AltExchanger 1.2.1 and Inout Blockchain FiatExchanger 2.2.1. The root cause is a SQL injection in Chart/TradingView/chart_content/master.php symbol parameter due to missing input filtering/escaping. Documented impact includes potential data exposure (confid...

TradingView Cross-Site Scripting Vulnerability

TradingView Charting Library is an open source and free K chart analysis tool, with a comprehensive API. support for ordinary json data UDF, there is also support for websocket JSAPI, most of the digital currency exchanges use this component library as a K line analysis tool. TradingView has a...