EUVD-2020-30180

Malware in sbrugna...

Malicious code in action-links (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-6378 Malicious code in action-links (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious Package

Overview action-links is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using action-links...

Atlassian Confluence 2.x >= 2.7 / 3.x < 3.4.9 Multiple XSS

According to its self-reported version number, the instance of Atlassian Confluence on the remote host is a 2.x version that is 2.7 or later, or else version 3.x prior to 3.4.9. It is, therefore, affected by multiple cross-site scripting vulnerabilities. Errors in the validation of input data to...

XSS vulnerability in the action links of Confluence's attachments lists.

We have identified and fixed a cross-site scripting XSS vulnerability in the action links of Confluence's attachments lists. All versions from 2.7 to 3.4.7 are affected. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a Confluence page. You can read more about...