5 matches found
EUVD-2022-47871
Malicious code in bioql PyPI...
CVE-2022-44944
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting XSS vulnerability in the Add Announcement function at /index.php?module=helppages/pagesid=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field...
Cross site scripting
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting XSS vulnerability in the Add Announcement function at /index.php?module=helppages/pages&entitiesid=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the...
CVE-2022-44944
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting XSS vulnerability in the Add Announcement function at /index.php?module=helppages/pages&entitiesid=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the...
CVE-2021-32540
Hundred Plus 101EIP system (cloud-based office platform) contains a stored XSS vulnerability in its bulletin feature due to lack of input filtering of special characters. The issue allows authenticated users to inject JavaScript, leading to stored XSS. Affected component: 101EIP bulletin/announce...