Astra Linux - уязвимость в rabbitmq-server

RabbitMQ is a multi-protocol messaging broker. In rabbitMQ-server prior to version 3.8.17, adding a new user through the management UI could result in the user’s banner being displayed in a confirmation message without proper tag sanitization, potentially allowing JavaScript code to execute withi...

EUVD-2021-19504

Malware in sbrugna...

RabbitMQ 3.8.x < 3.8.17 XSS

The version of RabbitMQ installed on the remote host is 3.8.x prior to 3.8.17. It is, therefore, affected by a cross-site scripting vulnerability: - In rabbitmq-server prior to version 3.8.17, a new user being added via management UI could lead to the user's bane being rendered in a confirmation...

WordPress的Video Conferencing with Zoom插件信息泄露漏洞

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An information disclosure vulnerability exists in WordPress Video Conferencing with Zoom Plugin prior to versi...

Video Conferencing with Zoom < 3.8.17 - E-mail Address Disclosure

The plugin does not have authorisation in its vczapigetwpusers AJAX action, allowing any authenticated users, such as subscriber to download the list of email addresses registered on the blog Open the following URL as a subscriber: https://example.com/wp-admin/admin-ajax.php?action=vczapigetwpuse...