EUVD-2025-28098

Malicious code in bioql PyPI...

CVE-2025-10255

A vulnerability was determined in Ascensio System SIA OnlyOffice up to 12.7.0. Impacted is an unknown function of the file /Products/Projects/Messages.aspx of the component Comment Handler. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit h...

CVE-2025-10255 Ascensio System SIA OnlyOffice Comment Messages.aspx cross site scripting

A vulnerability was determined in Ascensio System SIA OnlyOffice up to 12.7.0. Impacted is an unknown function of the file /Products/Projects/Messages.aspx of the component Comment Handler. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit h...

Ascensio System ONLYOFFICE 安全漏洞

Ascensio System ONLYOFFICE is an office software from Ascensio System, Latvia. A security vulnerability exists in Ascensio System ONLYOFFICE version 12.7.0 and earlier, which stems from an incorrect manipulation of the component Comment Handler in the file /Products/Projects/Messages.aspx, which...

Ascensio System ONLYOFFICE 安全漏洞

Ascensio System ONLYOFFICE is an office software from Ascensio System, Latvia. A security vulnerability exists in Ascensio System ONLYOFFICE version 12.7.0 and earlier, which stems from improper handling of the SVG Image Handler component in file/Products/Projects/Messages.aspx, which could lead ...

PT-2024-32630 · Dell · Dell Inventory Collector Client

Name of the Vulnerable Software and Affected Versions: Dell Inventory Collector Client versions prior to 12.7.0 Description: The issue concerns an Improper Link Resolution Before File Access vulnerability. A low-privilege attacker with local access may exploit this vulnerability, potentially...

Solarwinds Web Help Desk Cross-Site Scripting Vulnerability (CNVD-2021-05123)

Solarwinds Web Help Desk is a suite of help desk and asset management software from Solarwinds USA. The software supports centralized knowledge base, IT asset management, project and task management, and more. SolarWinds Web Help Desk 12.7.0 suffers from a cross-site scripting vulnerability that...

SolarWinds Web Help Desk 注入漏洞

SolarWinds Web Help Desk is a web-based help desk work order and IT asset management software. An HTML injection vulnerability exists in SolarWinds Web Help Desk 12.7.0. The vulnerability can be exploited to conduct an HTML injection attack via a Comment in a Help Request work order...

CVE-2019-16956

SolarWinds Web Help Desk 12.7.0 allows XSS via the Request Type parameter of a ticket...

SolarWinds Web Help Desk 跨站脚本漏洞

Solarwinds Web Help Desk is a suite of help desk and asset management software from Solarwinds USA. The software supports centralized knowledge base, IT asset management, project and task management, and more. A cross-site scripting vulnerability exists in SolarWinds Web Help Desk 12.7.0 that...

SolarWinds Web Help Desk Cross-Site Scripting Vulnerability (CNVD-2020-73161)

SolarWinds Web Help Desk is a web-based help desk work order and IT asset management software. A cross-site scripting vulnerability exists in SolarWinds Web Help Desk 12.7.0. The vulnerability can be exploited to conduct cross-site scripting attacks via the "name" field of a user account...

SolarWinds Web Help Desk Cross-Site Scripting Vulnerability (CNVD-2020-73160)

SolarWinds Web Help Desk is a web-based help desk work order and IT asset management software. A cross-site scripting vulnerability exists in SolarWinds Web Help Desk 12.7.0. An attacker can exploit this vulnerability to conduct a cross-site scripting attack via an SVG document uploaded in a...

Solarwinds WebHelpDesk Injection Vulnerability

Solarwinds WebHelpDesk is a suite of helpdesk and asset management software from Solarwinds USA. The software supports features such as centralized knowledge base, IT asset management, project and task management. An injection vulnerability exists in SolarWinds Web Help Desk version 12.7.0 that...