Sandboxie 安全漏洞

Sandboxie is an open-source isolation software based on a sandbox mechanism, developed by sandboxie-plus. Version 5.30 of Sandboxie has a security vulnerability. This vulnerability stems from the excessive length of strings entered in the program alert configuration field. This could allow local...

CVE-2025-23113

An issue was discovered in REDCap 14.9.6. It has an action=myprojects=1 CSRF issue in the alert-title while performing an upload of a CSV file containing a list of alert configuration. An attacker can send the victim a CSV file containing an HTML injection payload in the alert-title. Once the...

EUVD-2023-30788

Malicious code in bioql PyPI...

CVE-2023-26998

Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the creator parameter of the Alert Configuration page...

CVE-2023-26998

Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the creator parameter of the Alert Configuration page...

Cross site scripting

Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the creator parameter of the Alert Configuration page...

CVE-2023-26998

Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the creator parameter of the Alert Configuration page...

NetScout nGeniusONE Cross-Site Scripting Vulnerability

NetScout nGeniusONE is a centralized application management and network performance solution from NetScout, Inc. A cross-site scripting vulnerability exists in NetScoutnGeniusOne version v.6.3.4 that could allow a remote attacker to execute arbitrary code via the creator parameter on the Alert...

CVE-2023-26998

CVE-2023-26998 affects NetScout nGeniusOne 6.3.4. The vulnerability is a Cross Site Scripting issue in the Alert Configuration page, exploitable via the creator parameter, enabling a remote attacker to execute arbitrary code. Root cause relates to unsanitized input in the creator field. No offici...

PT-2024-12119 · Netscout · Netscout Ngeniusone

Name of the Vulnerable Software and Affected Versions: NetScoutnGeniusOne version 6.3.4 Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the creator parameter of the "Alert Configuration" page. This enables the attacker to perform unauthorized actio...

CVE-2021-31832

Improper Neutralization of Input in the ePO administrator extension for McAfee Data Loss Prevention DLP Endpoint for Windows prior to 11.6.200 allows a remote ePO DLP administrator to inject JavaScript code into the alert configuration text field. This JavaScript will be executed when an end user...

PT-2021-19535 · Mcafee · Mcafee Data Loss Prevention Endpoint

Name of the Vulnerable Software and Affected Versions: McAfee Data Loss Prevention DLP Endpoint for Windows versions prior to 11.6.200 Description: The issue allows a remote ePO DLP administrator to inject JavaScript code into the alert configuration text field. This JavaScript will be executed...

[SECURITY] Fedora 23 Update: setroubleshoot-3.3.9.1-1.fc23

setroubleshoot GUI. Application that allows you to view setroubleshoot-serv er messages. Provides tools to help diagnose SELinux problems. When AVC messages are generated an alert can be generated that will give information about the problem and help track its resolution. Alerts can be configured...

USN-674-2: HPLIP vulnerabilities

USN-674-1 provided packages to fix vulnerabilities in HPLIP. Due to an internal archive problem, the updates for Ubuntu 7.10 would not install properly. This update provides fixed packages for Ubuntu 7.10. We apologize for the inconvenience. Original advisory details: It was discovered that the...