3656 matches found
CVE-2024-13032 Antabot White-Jotter Article Editor editor server-side request forgery
A vulnerability classified as problematic was found in Antabot White-Jotter up to 0.2.2. Affected by this vulnerability is an unknown functionality of the file /admin/content/editor of the component Article Editor. The manipulation of the argument articleCover leads to server-side request forgery...
CVE-2024-13032
The CVE-2024-13032 entry affects Antabot White-Jotter (
CVE-2024-13031
CVE-2024-13031 affects Antabot White-Jotter up to version 0.2.2. Affected component: /admin/content/editor in the Article Content Editor. Root cause: cross-site scripting due to an issue in the editor’s handling, enabling remote exploitation. The vulnerability is publicly disclosed and can be...
CVE-2024-13031 Antabot White-Jotter Article Content Editor editor cross site scripting
A vulnerability classified as problematic has been found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/editor of the component Article Content Editor. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Th...
White-Jotter code issue vulnerability
White-Jotter is a project with a separated front end and back end, developed by the individual developer Antabot using Vue + Spring Boot, with a full set of development tutorials. A code issue vulnerability exists in White-Jotter 0.2.2 and earlier versions, which stems from the articleCover parameter of the fil...
PT-2024-17889 · Unknown · Antabot White-Jotter
Name of the Vulnerable Software and Affected Versions: Antabot White-Jotter versions up to 0.2.2. Description: A problematic issue has been found in the Article Editor component, specifically in the /admin/content/editor file, affecting an unknown functionality. The manipulation of the articleCove...
CVE-2024-13022
A vulnerability, which was classified as critical, was found in taisan tarzan-cms 1.0.0. This affects the function UploadResponse of the file src/main/java/com/tarzan/cms/modules/admin/controller/common/UploadController.java of the component Article Management. The manipulation of the argument fi...
CVE-2024-13022 taisan tarzan-cms Article Management UploadController.java UploadResponse unrestricted upload
A vulnerability, which was classified as critical, was found in taisan tarzan-cms 1.0.0. This affects the function UploadResponse of the file src/main/java/com/tarzan/cms/modules/admin/controller/common/UploadController.java of the component Article Management. The manipulation of the argument fi...
CVE-2024-13022
CVE-2024-13022 affects taisan tarzan-cms 1.0.0, specifically the UploadResponse function in UploadController.java (Article Management). The vulnerability arises from manipulation of the file argument, enabling unrestricted uploads and allowing remote initiation. Multiple connected reports confirm...
PT-2024-17881 · Unknown · Taisan Tarzan-Cms
Name of the Vulnerable Software and Affected Versions: taisan tarzan-cms version 1.0.0. Description: A critical issue was found in the Article Management component, specifically affecting the UploadResponse function of the UploadController.java file. The manipulation of the file argument leads to...
CVE-2024-54774
Dcat Admin v2.2.0-beta contains a cross-site scripting (XSS) vulnerability in the /admin/articles/create endpoint. The root cause is the lack of effective filtering and escaping of user-supplied data, enabling an attacker to inject and execute arbitrary web script or HTML. Public references in mu...
PT-2025-2018 · Emlog Pro · Emlog Pro
Name of the Vulnerable Software and Affected Versions: Emlog Pro versions up to 2.4.3. Description: A problematic vulnerability was found in Emlog Pro, affecting an unknown section of the file /admin/article.php of the component Subpage Handler. The manipulation leads to cross site scripting. The...
Vulnerabilities fixed in Microsoft Office
Microsoft has fixed vulnerabilities in several Office products. A malicious party can exploit the vulnerabilities to grant themselves elevated privileges, execute arbitrary code in the victim's context and potentially gain access to sensitive information in the victim's context. Successful...
2024-12 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5048654)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...
CVE-2024-53620
A cross-site scripting (XSS) vulnerability in the Article module of SPIP v4.3.3 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter...
UBUNTU-CVE-2024-53620
A cross-site scripting (XSS) vulnerability in the Article module of SPIP v4.3.3 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter...
CVE-2024-53620
SPIP 4.3.3 Article module vulnerable to XSS: authenticated users can inject a payload into the Title parameter to trigger cross-site scripting. The issue affects SPIP v4.3.3 with the Article module; underlying cause is an XSS in Title handling. Exploitation is not described as active in the provi...
SPIP security vulnerability
SPIP is free, open-source software from SPIP for creating Internet sites. A security vulnerability exists in SPIP v4.3.3, which originates from a cross-site scripting vulnerability in the Article module...