GHSA-F946-9QP6-VGCH shopper/framework: Authorization bypass in multiple Livewire admin components

Impact Multiple Livewire components in the admin panel allowed an authenticated low-privilege user to mutate data without the required permission: - Order detail Filament actions cancel, mark paid, mark complete, capture payment, archive, start processing were callable with readorders only and di...

Foxit Reader Barcode Calculate CPDF_FormField Use-After-Free Vulnerability

Talos Vulnerability Report TALOS-2025-2277 Foxit Reader Barcode Calculate CPDFFormField Use-After-Free Vulnerability December 19, 2025 CVE Number CVE-2025-58085 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader handles a Barcode field object. A specially crafted JavaScript cod...

CVE-2023-31299

Cross Site Scripting XSS vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to execute arbitrary code via the Barcode field of a container...

CVE-2023-31299

Cross Site Scripting XSS vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to execute arbitrary code via the Barcode field of a container...

CVE-2023-31299

Cross Site Scripting XSS vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to execute arbitrary code via the Barcode field of a container...

Cross site scripting

Cross Site Scripting XSS vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to execute arbitrary code via the Barcode field of a container...

Sesami Cash Point & Transport Optimizer Security Vulnerability

Sesami Cash Point & Transport Optimizer is a solution from Sesami, Inc. A security vulnerability exists in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 that stems from the presence of a cross-site scripting vulnerability. Allows remote attackers to execute arbitrary code via the...

CVE-2023-31299

Cross Site Scripting XSS vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to execute arbitrary code via the Barcode field of a container...