27 matches found
EUVD-2022-37738
Malicious code in bioql PyPI...
EUVD-2022-37740
Malicious code in bioql PyPI...
EUVD-2022-37739
Malicious code in bioql PyPI...
CVE-2022-34834
An issue was discovered in VERMEG AgileReporter 21.3. Attackers can gain privileges via an XSS payload in an Add Comment action to the Activity log...
CVE-2022-34833
An issue was discovered in VERMEG AgileReporter 21.3. An admin can enter an XSS payload in the Analysis component...
CVE-2022-34832
An issue was discovered in VERMEG AgileReporter 21.3. XXE can occur via an XML document to the Analysis component...
CVE-2022-34832
An issue was discovered in VERMEG AgileReporter 21.3. XXE can occur via an XML document to the Analysis component...
CVE-2022-34834
An issue was discovered in VERMEG AgileReporter 21.3. Attackers can gain privileges via an XSS payload in an Add Comment action to the Activity log...
CVE-2022-34833
An issue was discovered in VERMEG AgileReporter 21.3. An admin can enter an XSS payload in the Analysis component...
CVE-2022-34833
An issue was discovered in VERMEG AgileReporter 21.3. An admin can enter an XSS payload in the Analysis component...
CVE-2022-34834
An issue was discovered in VERMEG AgileReporter 21.3. Attackers can gain privileges via an XSS payload in an Add Comment action to the Activity log...
CVE-2022-34832
An issue was discovered in VERMEG AgileReporter 21.3. XXE can occur via an XML document to the Analysis component...
CVE-2022-34832
An issue was discovered in VERMEG AgileReporter 21.3. XXE can occur via an XML document to the Analysis component...
CVE-2022-34833
An issue was discovered in VERMEG AgileReporter 21.3. An admin can enter an XSS payload in the Analysis component...
Cross site scripting
An issue was discovered in VERMEG AgileReporter 21.3. An admin can enter an XSS payload in the Analysis component...
Cross site scripting
An issue was discovered in VERMEG AgileReporter 21.3. Attackers can gain privileges via an XSS payload in an Add Comment action to the Activity log...
Design/Logic Flaw
An issue was discovered in VERMEG AgileReporter 21.3. XXE can occur via an XML document to the Analysis component...
CVE-2022-34834
CVE-2022-34834 affects VERMEG AgileReporter 21.3. An attacker can gain privileges by injecting a cross‑site scripting (XSS) payload via the Add Comment action in the Activity log. The vulnerability is confirmed across multiple sources in the connected documents and is described consistently as an...
CVE-2022-34834
An issue was discovered in VERMEG AgileReporter 21.3. Attackers can gain privileges via an XSS payload in an Add Comment action to the Activity log...
PT-2023-13421 · Vermeg · Vermeg Agilereporter
Name of the Vulnerable Software and Affected Versions: VERMEG AgileReporter version 21.3 Description: An issue was discovered in VERMEG AgileReporter where XXE can occur via an XML document to the Analysis component. Recommendations: For VERMEG AgileReporter version 21.3, consider restricting...