CVE-2024-1242

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button onclick attribute in all versions up to, and including, 4.10.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

PT-2024-17587 · WordPress · Premium Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Premium Addons for Elementor plugin for WordPress versions up to, and including, 4.10.18 Description: The issue is related to Stored Cross-Site Scripting via the button onclick attribute due to insufficient input sanitization and output...

PT-2024-24346 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 3.0.1 through 4.10.18 XWiki Platform versions 15.5.4 and earlier XWiki Platform versions prior to 15.10-rc-1 Description: The HTML escaping tool used in XWiki does not escape , which can allow XWiki syntax injection an...

PT-2024-24336 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 3.1 through 4.10.18 XWiki Platform versions 14.10.18 and earlier XWiki Platform versions 15.5.4 and earlier XWiki Platform version 15.10-rc-1 and earlier Description: The issue allows execution of arbitrary code on the...

PT-2022-24955 · Unknown +2 · Parse Server +2

Name of the Vulnerable Software and Affected Versions: Parse Server versions prior to 4.10.18 Parse Server versions prior to 5.3.1 on the 5.X branch Description: Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. An attacker can use a prototype...

SUSE SLES12 Security Update : samba (SUSE-SU-2020:2720-1)

This update for samba fixes the following issues : Update to 4.10.18 ZeroLogon: An elevation of privilege was possible with some non default configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol MS-NR...

Samba ZeroLogon Vulnerability (CVE-2020-1472)

Samba is prone to an unauthenticated domain takeover vulnerability via netlogon ZeroLogon. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later...

SUSE-SU-2020:2720-1 Security update for samba

This update for samba fixes the following issues: - Update to 4.10.18 - ZeroLogon: An elevation of privilege was possible with some non default configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol...