2 matches found
CVE-2021-24135
Unvalidated input and lack of output encoding in the WP Customer Reviews WordPress plugin, versions before 3.4.3, lead to multiple Stored Cross-Site Scripting vulnerabilities allowing remote attackers to inject arbitrary JavaScript code or HTML...
Apache SpamAssassin Operating System Command Injection Vulnerability
Apache SpamAssassin is an open source spam filter from the Apache USA Foundation. The product provides a filter for system administrators and supports categorizing email to block spam. A security vulnerability exists in Apache SpamAssassin versions prior to 3.4.3. An attacker could exploit the...