24 matches found
CVE-2022-26156
An issue was discovered in the web application in Cherwell Service Management CSM 10.2.3. Injection of a malicious payload within the RelayState= parameter of the HTTP request body results in the hijacking of the form action. Form-action hijacking vulnerabilities arise when an application places...
EUVD-2018-12382
Malware in sbrugna...
EUVD-2021-12248
Malware in sbrugna...
EUVD-2023-36588
Malicious code in bioql PyPI...
EUVD-2022-30722
Malicious code in bioql PyPI...
CVE-2023-32344
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. IBM X-Force ID: 255898...
CVE-2024-25285
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage...
CVE-2024-25285
...
CVE-2024-25285
...
3DSecure 2.0 3DS Method Authentication Cross Site Scripting
Product: 3DSecure 2.0 Manufacturer: Redsys Affected Versions: 3DSecure 2.0 3DS Method Authentication Tested Versions: 3DSecure 2.0 3DS Method Authentication Vulnerability Type: Cross-Site Scripting XSS Risk Level: Medium Solution Status: Not yet fixed Manufacturer Notification: 2024-01-17 Solutio...
CVE-2023-32344
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. IBM X-Force ID: 255898...
CVE-2023-32344
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. IBM X-Force ID: 255898...
Design/Logic Flaw
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. IBM X-Force ID: 255898...
CVE-2023-32344 IBM Cognos Analytics cross-site request forgery
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. IBM X-Force ID: 255898...
CVE-2023-32344 IBM Cognos Analytics cross-site request forgery
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. IBM X-Force ID: 255898...
CVE-2023-32344
CVE-2023-32344 affects IBM Cognos Analytics versions 11.1.7, 11.2.4 FP? and 12.0.0, with a form action hijacking flaw that lets an attacker modify the form action to reference an arbitrary path. Root cause and impact are described across multiple sources (IBM Cognos Analytics documentation and ad...
PT-2024-12322 · Ibm · Ibm Cognos Analytics
Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics versions 11.1.7 through 12.0.0 Description: The issue allows form action hijacking, where it is possible to modify the form action to reference an arbitrary path. Recommendations: For versions 11.1.7, 11.2.4, and 12.0.0,...
CVE-2022-26156
An issue was discovered in the web application in Cherwell Service Management CSM 10.2.3. Injection of a malicious payload within the RelayState= parameter of the HTTP request body results in the hijacking of the form action. Form-action hijacking vulnerabilities arise when an application places...
CVE-2022-26156
An issue was discovered in the web application in Cherwell Service Management CSM 10.2.3. Injection of a malicious payload within the RelayState= parameter of the HTTP request body results in the hijacking of the form action. Form-action hijacking vulnerabilities arise when an application places...
CVE-2022-26156
An issue was discovered in the web application in Cherwell Service Management CSM 10.2.3. Injection of a malicious payload within the RelayState= parameter of the HTTP request body results in the hijacking of the form action. Form-action hijacking vulnerabilities arise when an application places...