24 matches found
ibexa/fieldtype-richtext has an XSS vulnerability via acronym custom tag in Rich Text
Impact This security advisory resolves an XSS vulnerability in acronym custom tag in Rich Text, in the back office of the DXP. Back office access and varying levels of editing and management permissions are required to exploit this vulnerability. This typically means Editor or Administrator role,...
EUVD-2025-34901
ibexa/fieldtype-richtext has an XSS vulnerability via acronym custom tag in Rich Text...
GHSA-8C2G-F8JM-5CR7 ibexa/fieldtype-richtext has an XSS vulnerability via acronym custom tag in Rich Text
Impact This security advisory resolves an XSS vulnerability in acronym custom tag in Rich Text, in the back office of the DXP. Back office access and varying levels of editing and management permissions are required to exploit this vulnerability. This typically means Editor or Administrator role,...
Safeguarding Multimodal Knowledge Copyright in the RAG-As-A-Service Environment
As Retrieval-Augmented Generation RAG evolves into service-oriented platforms Rag-as-a-Service with shared knowledge bases, protecting the copyright of contributed data becomes essential. Existing watermarking methods in RAG focus solely on textual knowledge, leaving image knowledge unprotected. ...
CVE-2022-48118
Jorani v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the Acronym parameter...
Acronym Overdose – Navigating the Complex Data Security Landscape
In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can also overwhelm those trying to piece together...
Malicious code in acronym-decoder-chrome-angular (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1a3a001eb751394dba7b7d59d8580152ab849a2d8971aecc8c65f800c4276008 The OpenSSF Package Analysis project identified 'acronym-decoder-chrome-angular' @ 1.0.0 npm as malicious. It is considered malicious because: -...
The Exposure Management Acronym Dictionary
In this video, Anand Choudha, CEO at Hive Pro, and Jeelan Poola, CPO at Hive Pro, introduce the HivePro Uni5 Threat Exposure Management Platform. HivePro Uni...
CVE-2022-48118
Jorani v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the Acronym parameter...
CVE-2022-48118
Jorani v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the Acronym parameter...
Cross site scripting
Jorani v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the Acronym parameter...
CVE-2022-48118
Jorani v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the Acronym parameter...
Jorani 跨站脚本漏洞
Jorani is a leave management system developed by Benjamin BALET, an individual developer in France. Designed to provide a simple workflow for leave and overtime requests for small organizations. A security vulnerability exists in Jorani v1.0 that stems from its Acronym parameter that allows an...
CVE-2022-48118
CVE-2022-48118 concerns Jorani v1.0, where a cross-site scripting (XSS) vulnerability exists via the Acronym parameter. The provided connected documents confirm the affected software/version and the specific vulnerable component (Acronym parameter), but do not supply exploit details, attack vecto...
Friday Squid Blogging: SQUID Acronym for Making Conscious Choices
I think the U is forced: SQUID consists of five steps: Stop, Question, Understand, Imagine, and Decide. As usual, you can also use this squid post to talk about the security stories in the news that I havent covered. Read my blog posting guidelines here...
[SECURITY] Fedora 33 Update: python-pip-20.2.2-2.fc33
pip is a package management system used to install and manage software pack ages written in Python. Many packages can be found in the Python Package Index PyPI. pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python"...
TYPO3 Akronymmanager Extension SQL Injection Vulnerability
TYPO3 is a free and open source content management system framework CMS/CMF maintained by the Swiss TYPO3 Association.Akronymmanager also known as SB Folderdownload is one of the extension plug-ins for displaying the address of the file download link. A SQL injection vulnerability exists in the...
CVE-2006-6842
SQL injection vulnerability in admin/adminacronyms.php in the Acronym Mod 0.9.5 for phpBB2 Plus 1.53 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2006-6842
The CVE-2006-6842 entry describes an SQL injection vulnerability in admin/admin_acronyms.php of Acronym Mod 0.9.5 for phpBB2 Plus 1.53, allowing remote attackers to execute arbitrary SQL commands via the id parameter. Public references (e.g., Exploit-DB 3033) indicate known exploits. Affected com...
Acronym Mod v0.9.5 Remote SQL Injection Vulnerability
Acronym Mod v0.9.5 Remote SQL Injection Vulnerability Download: http://www.codemonkeyx.net Found By: the master exploit: http://Target/Path/admin/adminacronyms.php?mode=edit&id=-120UNION20SELECT20null,userpassword,null20FROM20phpbbusers20where20userid=2&sid=AdminHash Greetz: str0ke , Dr Max Virus...