EUVD-2023-0791

Malicious code in bioql PyPI...

CVE-2023-22849

An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.4 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting XSS attack in multiple features. Upgrade to Apache Sling App C...

CVE-2022-46769

An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.2 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting XSS attack in the site group feature. Upgrade to Apache Sling...

GHSA-RGHH-GHF7-7943 Sling App CMS Cross-site Scripting vulnerability

An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.4 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting XSS attack in multiple features. Upgrade to Apache Sling App C...

Sling App CMS Cross-site Scripting vulnerability

An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.4 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting XSS attack in multiple features. Upgrade to Apache Sling App C...

CVE-2023-22849 Apache Sling App CMS: XSS in CMS Reference / UI Components

An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.4 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting XSS attack in multiple features. Upgrade to Apache Sling App C...

CVE-2023-22849 Apache Sling App CMS: XSS in CMS Reference / UI Components

An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.4 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting XSS attack in multiple features. Upgrade to Apache Sling App C...

GHSA-38M2-VR6G-8C94 Apache Sling App CMS vulnerable to reflected Cross-site Scripting

An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.2 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting XSS attack in the site group feature. Upgrade to Apache Sling...

CVE-2022-46769

An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.2 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting XSS attack in the site group feature. Upgrade to Apache Sling...

CVE-2022-46769 Apache Sling App CMS: XSS in CMS Site Group Detail

An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.2 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting XSS attack in the site group feature. Upgrade to Apache Sling...

CVE-2022-46769 Apache Sling App CMS: XSS in CMS Site Group Detail

An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.2 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting XSS attack in the site group feature. Upgrade to Apache Sling...