3 matches found
PT-2025-24667 · Solarwinds · Solarwinds Observability Self-Hosted
Name of the Vulnerable Software and Affected Versions: SolarWinds Observability Self-Hosted affected versions not specified Description: The issue is related to a cross-site scripting XSS vulnerability due to an unsanitized field in the URL. The attack requires authentication using an...
ConnectWise ScreenConnect Authentication Bypass Vulnerability
ConnectWise ScreenConnect contains an authentication bypass vulnerability that allows an attacker with network access to the management interface to create a new, administrator-level account on affected devices...
TYPO3 Install Tool vulnerable to Code Execution
Problem Several settings in the Install Tool for configuring the path to system binaries were vulnerable to code execution. Exploiting this vulnerability requires an administrator-level backend user account with system maintainer permissions. The corresponding change for this advisory involves...