Lucene search
K

29 matches found

Prion
Prion
added 2023/08/28 1:15 a.m.25 views

Sql injection

IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM 1.10.3 could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute...

7.5CVSS9.4AI score0.00698EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/08/28 12:14 a.m.29 views

CVE-2023-26270 IBM Security Guardium Data Encryption code execution

IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM 1.10.3 could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute...

6.5CVSS9.4AI score0.00698EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/08/28 12:14 a.m.12 views

CVE-2023-26270 IBM Security Guardium Data Encryption code execution

IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM 1.10.3 could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute...

6.5CVSS7.6AI score0.00698EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/05/17 12:0 a.m.5 views

PT-2023-6903 · Ibm · Ibm Security Guardium Data Encryption +1

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM version 1.10.3 Description: The issue is caused by an angular template injection flaw, allowing a remote attacker to execute arbitrary code on the system by sending a...

10CVSS9.6AI score0.00698EPSS
Exploits0References13
NOZOMI
NOZOMI
added 2020/05/26 12:0 a.m.7 views

Angular template injection on custom report name field

Summary Report name field is affected by angular template injection which can lead to XSS attacks. Impact Custom report name field can lead to XSS attacks by malicious users. The attacker must have a valid Guardian/CMC login with the ‘Report editor’ capability to leverage this. Mitigation None...

4.8CVSS6.5AI score
Exploits0Affected Software2
Hacker One
Hacker One
added 2020/02/11 12:30 a.m.18 views

Mail.ru: [geekbrains.ru] Reflected XSS via Angular Template Injection

Potential XSS due to use of Angular templates...

3.3AI score
Exploits0
Hacker One
Hacker One
added 2016/04/19 9:11 p.m.19 views

New Relic: Stored Cross-Site Scripting via Angular Template Injection

It's possible to inject angular expressions into the account settings of a new relic account. This, combined with an angular sandbox escape allows for persistant cross-site scripting which is executed in the browser of any user visiting the affected page. The execution of which could be used to...

1.5AI score
Exploits0
Hacker One
Hacker One
added 2016/03/22 5:35 p.m.115 views

Uber: Reflected XSS on developer.uber.com via Angular template injection

developer.uber.com is vulnerable to reflected XSS via Angular template injection. The following url demonstrates the root issue using a trivial payload: https://developer.uber.com/docs/deep-linking?q=wrtz77 If you view the rendered source of the resulting page, you'll find the string 'wrtz49',...

0.2AI score
Exploits0
Hacker One
Hacker One
added 2016/02/19 6:25 p.m.93 views

Zendesk: Stored XSS via Angular Expression injection on developer.zendesk.com

developer.zendesk.com is vulnerable to stored XSS via Angular template injection. To replicate: Browse to https://developer.zendesk.com Sign up with an arbitrary email address and the following name: "'a'.constructor.prototype.charAt=.join;$eval'x=alert1';" Observe the popup. This is a stored...

0.6AI score
Exploits0
Rows per page
Query Builder