7 matches found
CVE-2025-61676
October is a Content Management System CMS and web platform. Prior to versions 3.7.13 and 4.0.12, a cross-site scripting XSS vulnerabilities was identified in October CMS backend configuration forms. A user with the Customize Backend Styles permission could inject malicious HTML/JS into the...
Cross-site Scripting (XSS)
Overview october/system is a System module for October CMS. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the stylesheet input in the backend branding and appearance configuration. An attacker can execute arbitrary scripts in the context of backend users by...
Malicious code in electron-osx-appearance-settings (npm)
The package electron-osx-appearance-settings was found to contain malicious code...
Malicious code in electron-appearance-settings-osx (npm)
The package electron-appearance-settings-osx was found to contain malicious code...
MAL-2025-19444 Malicious code in electron-appearance-settings-osx (npm)
The package electron-appearance-settings-osx was found to contain malicious code...
MAL-2025-19453 Malicious code in electron-osx-appearance-settings (npm)
The package electron-osx-appearance-settings was found to contain malicious code...
IBM Cognos Analytics 安全漏洞
IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. IBM Cognos Analytics has a...