EUVD-2024-1777

Malicious code in bioql PyPI...

EUVD-2024-1704

Malicious code in bioql PyPI...

CVE-2024-35239

Umbraco Commerce is an open source dotnet web forms solution. In affected versions an authenticated user that has access to edit Forms may inject unsafe code into Forms components. This issue can be mitigated by configuring TitleAndDescription:AllowUnsafeHtmlRendering after upgrading to one of th...

CVE-2024-35240

Umbraco Commerce is an open source dotnet ecommerce solution. In affected versions there exists a stored Cross-site scripting XSS issue which would enable attackers to inject malicious code into Print Functionality. This issue has been addressed in versions 12.1.4, and 10.0.5. Users are advised t...

Cross-site Scripting (XSS)

Umbraco Commerce is vulnerable to Cross-site Scripting XSS. The vulnerability is due to insufficient validation allowing authenticated users with access to edit forms to inject unsafe code into form components...

Cross-site Scripting (XSS)

Umbraco Commerce is vulnerable to stored Cross-site scripting XSS. The vulnerability is due to insufficient input validation in the Print Functionality, allowing attackers to inject malicious code...

Cross-site Scripting (XSS)

Overview Umbraco.Commerce is a the only Umbraco supported ecommerce solution that lets you sell how you want to sell. Affected versions of this package are vulnerable to Cross-site Scripting XSS through the Print functionality. An attacker can inject and execute malicious scripts by sending craft...

Umbraco Commerce vulnerable to Stored Cross-site Scripting on Print Functionality

Impact Stored Cross-site scripting XSS enable attackers to inject malicious code into Print Functionality Patches 12.1.4, 10.0.5 References https://docs.umbraco.com/umbraco-commerce/release-notesid-13.0.0-december-13th-2023...

GHSA-RPJ9-XJWM-WR6W Umbraco Commerce vulnerable to Stored Cross-site Scripting on Print Functionality

Impact Stored Cross-site scripting XSS enable attackers to inject malicious code into Print Functionality Patches 12.1.4, 10.0.5 References https://docs.umbraco.com/umbraco-commerce/release-notesid-13.0.0-december-13th-2023...

CVE-2024-35239

Umbraco Commerce is an open source dotnet web forms solution. In affected versions an authenticated user that has access to edit Forms may inject unsafe code into Forms components. This issue can be mitigated by configuring TitleAndDescription:AllowUnsafeHtmlRendering after upgrading to one of th...

CVE-2024-35240

Umbraco Commerce is an open source dotnet ecommerce solution. In affected versions there exists a stored Cross-site scripting XSS issue which would enable attackers to inject malicious code into Print Functionality. This issue has been addressed in versions 12.1.4, and 10.0.5. Users are advised t...

CVE-2024-35240 Stored Cross-site Scripting on Print Functionality in Umbraco Commerce

Umbraco Commerce is an open source dotnet ecommerce solution. In affected versions there exists a stored Cross-site scripting XSS issue which would enable attackers to inject malicious code into Print Functionality. This issue has been addressed in versions 12.1.4, and 10.0.5. Users are advised t...

CVE-2024-35240 Stored Cross-site Scripting on Print Functionality in Umbraco Commerce

Umbraco Commerce is an open source dotnet ecommerce solution. In affected versions there exists a stored Cross-site scripting XSS issue which would enable attackers to inject malicious code into Print Functionality. This issue has been addressed in versions 12.1.4, and 10.0.5. Users are advised t...

CVE-2024-35240 Stored Cross-site Scripting on Print Functionality in Umbraco Commerce

Umbraco Commerce is an open source dotnet ecommerce solution. In affected versions there exists a stored Cross-site scripting XSS issue which would enable attackers to inject malicious code into Print Functionality. This issue has been addressed in versions 12.1.4, and 10.0.5. Users are advised t...

PT-2024-26402 · Umbraco · Umbraco Commerce

Name of the Vulnerable Software and Affected Versions: Umbraco Commerce versions prior to 8.13.13 Umbraco Commerce versions prior to 10.5.3 Umbraco Commerce versions prior to 12.2.2 Umbraco Commerce versions prior to 13.0.1 Description: An issue exists where an authenticated user with access to...

Umbraco Commerce 安全漏洞

Umbraco Commerce is an e-commerce solution from Umbraco, Denmark. A security vulnerability exists in Umbraco Commerce that stems from a stored cross-site scripting XSS vulnerability in the Print feature. Affected products and versions: Umbraco Commerce versions prior to 12.1.4, versions prior to...

PT-2024-26404 · Umbraco · Umbraco Commerce

Name of the Vulnerable Software and Affected Versions: Umbraco Commerce versions prior to 10.0.5 Umbraco Commerce versions prior to 12.1.4 Description: The issue is a stored Cross-site scripting XSS problem that allows attackers to inject malicious code into the Print Functionality. This enables...

Umbraco Commerce 跨站脚本漏洞

Umbraco Commerce is an e-commerce solution from Umbraco, Denmark. A cross-site scripting vulnerability exists in Umbraco Commerce that stems from a stored cross-site scripting XSS vulnerability in a component of Umbraco Forms. Affected products and versions: Umbraco Commerce versions prior to...