EUVD-2023-2923

Malicious code in bioql PyPI...

CVE-2025-0253

CVE-2025-0253 affects HCL IEM and is described as a cookie attribute not set vulnerability caused by inconsistent security-related configurations, leading to potential information exposure. Affected software: HCL IEM (cookie handling/configuration). Underlying issue: cookie attributes not set, en...

Jetpack < 12.8-a.3 - Contributor+ Stored XSS via block attribute

Description The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2022-4227

The Booster for WooCommerce WordPress plugin before 5.6.3, Booster Plus for WooCommerce WordPress plugin before 6.0.0, Booster Elite for WooCommerce WordPress plugin before 6.0.0 do not escape some URLs and parameters before outputting them back in attributes, leading to Reflected Cross-Site...

Authorization

IBM Security Identity Governance and Intelligence 5.2.6 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to...