2 matches found
Granting the 'Administer Projects' permission to a 'Custom Field' within a permission scheme allows all users to see the Project Settings
h3. Issue Summary
This is reproducible on Data Center: yes
Granting the Administer Projects permission to a User custom field value results in users having access to the Project Settings area even when the field is not populated.
h3. Steps to Reproduce
Create a new project with sample data
Create...
SA-2008-012 - Project issue tracking - XSS vulnerability in comment summary tables
The Project issue tracking module provides a summary table to show changes in issue states between comments. Users who have certain editing rights may be able to inject arbitrary code on pages containing these tables. Wikipedia has more information about cross-site scripting (XSS). Versions affecte...