PT-2025-44354

Name of the Vulnerable Software and Affected Versions Drupal JSON Field versions prior to 1.5 Description A flaw exists in Drupal JSON Field that allows for Cross-Site Scripting XSS. This issue is due to improper neutralization of input during web page generation. Successful exploitation could...

PT-2024-15044

Name of the Vulnerable Software and Affected Versions CyberMath versions 1.4 through 1.4 Description The issue allows an unrestricted upload of a file with a dangerous type, enabling the upload of a web shell to a web server. This can be exploited to gain unauthorized access to the server...

PT-2024-15042

Name of the Vulnerable Software and Affected Versions CyberMath versions 1.4 through 1.4 Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This affects the CyberMath software. Recommendations F...

PT-2024-15043

Name of the Vulnerable Software and Affected Versions CyberMath versions 1.4 through 1.4 Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This affects the CyberMath software. Recommendation...

PT-2020-15389 · Usemango +1 · Usemango Runner Plugin +1

Name of the Vulnerable Software and Affected Versions: useMango Runner Plugin versions 1.4 and earlier Description: The issue is related to a cross-site scripting XSS vulnerability. Multiple form validation endpoints in the useMango Runner Plugin do not escape values received from the useMango...

PT-2019-13425 · Ping Identity · Ping Identity Agentless Integration Kit

Name of the Vulnerable Software and Affected Versions: Ping Identity Agentless Integration Kit versions prior to 1.5 Description: The issue is related to a Reflected Cross-site Scripting XSS problem. There is no information provided about the estimated number of potentially affected devices...