Lucene search
K

24 matches found

Github Security Blog
Github Security Blog
added 2025/10/17 6:5 p.m.5 views

ibexa/fieldtype-richtext has an XSS vulnerability via acronym custom tag in Rich Text

Impact This security advisory resolves an XSS vulnerability in acronym custom tag in Rich Text, in the back office of the DXP. Back office access and varying levels of editing and management permissions are required to exploit this vulnerability. This typically means Editor or Administrator role,...

6.4AI score
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/10/17 6:5 p.m.6 views

EUVD-2025-34901

ibexa/fieldtype-richtext has an XSS vulnerability via acronym custom tag in Rich Text...

5.9AI score
Exploits0References3
OSV
OSV
added 2025/10/17 6:5 p.m.2 views

GHSA-8C2G-F8JM-5CR7 ibexa/fieldtype-richtext has an XSS vulnerability via acronym custom tag in Rich Text

Impact This security advisory resolves an XSS vulnerability in acronym custom tag in Rich Text, in the back office of the DXP. Back office access and varying levels of editing and management permissions are required to exploit this vulnerability. This typically means Editor or Administrator role,...

4.8CVSS6.4AI score
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/06/10 12:0 a.m.11 views

Safeguarding Multimodal Knowledge Copyright in the RAG-As-A-Service Environment

As Retrieval-Augmented Generation RAG evolves into service-oriented platforms Rag-as-a-Service with shared knowledge bases, protecting the copyright of contributed data becomes essential. Existing watermarking methods in RAG focus solely on textual knowledge, leaving image knowledge unprotected. ...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 12:28 a.m.6 views

CVE-2022-48118

Jorani v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the Acronym parameter...

6.1CVSS6.1AI score0.00473EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2024/10/19 9:30 a.m.15 views

Acronym Overdose – Navigating the Complex Data Security Landscape

In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can also overwhelm those trying to piece together...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/18 6:26 p.m.5 views

Malicious code in acronym-decoder-chrome-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1a3a001eb751394dba7b7d59d8580152ab849a2d8971aecc8c65f800c4276008 The OpenSSF Package Analysis project identified 'acronym-decoder-chrome-angular' @ 1.0.0 npm as malicious. It is considered malicious because: -...

6.9AI score
Exploits0
hivepro
hivepro
added 2024/03/28 3:40 p.m.10 views

The Exposure Management Acronym Dictionary

In this video, Anand Choudha, CEO at Hive Pro, and Jeelan Poola, CPO at Hive Pro, introduce the HivePro Uni5 Threat Exposure Management Platform. HivePro Uni...

7.2AI score
Exploits0
NVD
NVD
added 2023/01/27 8:15 p.m.18 views

CVE-2022-48118

Jorani v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the Acronym parameter...

6.1CVSS6.1AI score0.00473EPSS
Exploits1References1
OSV
OSV
added 2023/01/27 8:15 p.m.15 views

CVE-2022-48118

Jorani v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the Acronym parameter...

6.1CVSS6.1AI score
Exploits0References1
Prion
Prion
added 2023/01/27 8:15 p.m.17 views

Cross site scripting

Jorani v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the Acronym parameter...

5.8CVSS6AI score0.00473EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/01/27 12:0 a.m.20 views

CVE-2022-48118

Jorani v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the Acronym parameter...

6.2AI score0.00473EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/01/27 12:0 a.m.3 views

Jorani 跨站脚本漏洞

Jorani is a leave management system developed by Benjamin BALET, an individual developer in France. Designed to provide a simple workflow for leave and overtime requests for small organizations. A security vulnerability exists in Jorani v1.0 that stems from its Acronym parameter that allows an...

6.1CVSS5.5AI score0.00473EPSS
Exploits1References2
CVE
CVE
added 2023/01/27 12:0 a.m.56 views

CVE-2022-48118

CVE-2022-48118 concerns Jorani v1.0, where a cross-site scripting (XSS) vulnerability exists via the Acronym parameter. The provided connected documents confirm the affected software/version and the specific vulnerable component (Acronym parameter), but do not supply exploit details, attack vecto...

6.1CVSS6AI score0.00473EPSS
Exploits1References1Affected Software1
Schneier on Security
Schneier on Security
added 2022/08/12 9:6 p.m.20 views

Friday Squid Blogging: SQUID Acronym for Making Conscious Choices

I think the U is forced: SQUID consists of five steps: Stop, Question, Understand, Imagine, and Decide. As usual, you can also use this squid post to talk about the security stories in the news that I havent covered. Read my blog posting guidelines here...

1.5AI score
Exploits0
Fedora
Fedora
added 2021/05/28 1:11 a.m.24 views

[SECURITY] Fedora 33 Update: python-pip-20.2.2-2.fc33

pip is a package management system used to install and manage software pack ages written in Python. Many packages can be found in the Python Package Index PyPI. pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python"...

2.7AI score
Exploits0
CNVD
CNVD
added 2015/06/18 12:0 a.m.5 views

TYPO3 Akronymmanager Extension SQL Injection Vulnerability

TYPO3 is a free and open source content management system framework CMS/CMF maintained by the Swiss TYPO3 Association.Akronymmanager also known as SB Folderdownload is one of the extension plug-ins for displaying the address of the file download link. A SQL injection vulnerability exists in the...

6CVSS8.5AI score0.03157EPSS
Exploits5References1
Cvelist
Cvelist
added 2007/01/03 2:0 a.m.22 views

CVE-2006-6842

SQL injection vulnerability in admin/adminacronyms.php in the Acronym Mod 0.9.5 for phpBB2 Plus 1.53 allows remote attackers to execute arbitrary SQL commands via the id parameter...

8.4AI score0.00989EPSS
Exploits1References4
CVE
CVE
added 2007/01/03 2:0 a.m.50 views

CVE-2006-6842

The CVE-2006-6842 entry describes an SQL injection vulnerability in admin/admin_acronyms.php of Acronym Mod 0.9.5 for phpBB2 Plus 1.53, allowing remote attackers to execute arbitrary SQL commands via the id parameter. Public references (e.g., Exploit-DB 3033) indicate known exploits. Affected com...

7.5CVSS8.8AI score0.00989EPSS
Exploits1References4Affected Software1
securityvulns
securityvulns
added 2006/12/31 12:0 a.m.51 views

Acronym Mod v0.9.5 Remote SQL Injection Vulnerability

Acronym Mod v0.9.5 Remote SQL Injection Vulnerability Download: http://www.codemonkeyx.net Found By: the master exploit: http://Target/Path/admin/adminacronyms.php?mode=edit&id=-120UNION20SELECT20null,userpassword,null20FROM20phpbbusers20where20userid=2&sid=AdminHash Greetz: str0ke , Dr Max Virus...

1.3AI score
Exploits0
Rows per page
Query Builder