Malicious Package

Overview @t-in-one/addapplication is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious code in @t-in-one/add_application_service_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

CVE-2021-35483

The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to arbitrarily upload JavaScript files via the /ui/rest-proxy/application fileupload parameter. This can occur during the adding of a new application, or during the editing of an...

CVE-2022-47968

Heimdall Application Dashboard through 2.5.4 allows reflected and stored XSS via "Application name" to the "Add application" page. The stored XSS will be triggered in the "Application list" page...

CVE-2022-47968

Heimdall Application Dashboard through 2.5.4 allows reflected and stored XSS via "Application name" to the "Add application" page. The stored XSS will be triggered in the "Application list" page...

Cross site scripting

Heimdall Application Dashboard through 2.5.4 allows reflected and stored XSS via "Application name" to the "Add application" page. The stored XSS will be triggered in the "Application list" page...

PT-2022-28097 · Unknown · Heimdall Application Dashboard

Name of the Vulnerable Software and Affected Versions: Heimdall Application Dashboard versions 2.5.4 and earlier Description: The issue allows for reflected and stored Cross-Site Scripting XSS attacks via the Application name variable to the "Add application" page. The stored XSS will be triggere...

Heimdal 跨站脚本漏洞

Heimdal is a Kerberos implementation and security program from Heimdal Open Source. Heimdall Application Dashboard version 2.5.4 before the security vulnerability , the vulnerability stems from its Add application page of the Application name section allows an attacker to achieve reflective...

Cross site scripting

EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting XSS vulnerability via the component /module/adminbp/addapplication.php...

EyesOfNetwork 跨站脚本漏洞

EyesOfNetwork EON is an open source, free IT monitoring solution from the EyesOfNetwork community. The solution provides features such as a business process configuration tool, generating pop-up windows when events occur in the active queue, and more. A cross-site scripting vulnerability exists i...