30 matches found
WordPress SEO Plugin by Squirrly SEO plugin <= 12.3.19 - Authenticated (Contributor+) SQL Injection via url Parameter vulnerability
Authenticated Contributor+ SQL Injection via url Parameter vulnerability discovered by bart in WordPress Plugin SEO Plugin by Squirrly SEO versions = 12.3.19...
EUVD-2022-7372
Malicious code in bioql PyPI...
A Data-Centric Approach for Safe and Secure Large Language Models against Threatening and Toxic Content
Large Language Models LLM have made remarkable progress, but concerns about potential biases and harmful content persist. To address these apprehensions, we introduce a practical solution for ensuring LLM's safe and ethical use. Our novel approach focuses on a post-generation correction mechanism...
bartmoeyaert.com Cross Site Scripting vulnerability OBB-3930511
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
GHSA-J923-26C2-QQ9P Jenkins BART Plugin vulnerable to cross-site scripting (XSS)
Jenkins BART Plugin 1.0.3 and earlier does not escape the parsed content of build logs before rendering it on the Jenkins UI, resulting in a stored cross-site scripting XSS vulnerability. Currently, there are no known workarounds or patches available...
Jenkins BART Plugin vulnerable to cross-site scripting (XSS)
Jenkins BART Plugin 1.0.3 and earlier does not escape the parsed content of build logs before rendering it on the Jenkins UI, resulting in a stored cross-site scripting XSS vulnerability. Currently, there are no known workarounds or patches available...
CVE-2022-45387
Jenkins BART Plugin 1.0.3 and earlier does not escape the parsed content of build logs before rendering it on the Jenkins UI, resulting in a stored cross-site scripting XSS vulnerability...
CVE-2022-45387
Jenkins BART Plugin 1.0.3 and earlier does not escape the parsed content of build logs before rendering it on the Jenkins UI, resulting in a stored cross-site scripting XSS vulnerability...
Cross site scripting
Jenkins BART Plugin 1.0.3 and earlier does not escape the parsed content of build logs before rendering it on the Jenkins UI, resulting in a stored cross-site scripting XSS vulnerability...
CVE-2022-45387
Jenkins BART Plugin 1.0.3 and earlier does not escape the parsed content of build logs before rendering it on the Jenkins UI, resulting in a stored cross-site scripting XSS vulnerability...
Jenkins Plugin BART 跨站脚本漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A cross-site scripting...
PT-2022-27489 · Jenkins · Jenkins Bart Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins BART Plugin versions 1.0.3 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because the Jenkins BART Plugin does not escape the parsed content of build logs before rendering i...
CVE-2022-45387
CVE-2022-45387 refers to the Jenkins BART Plugin (versions 1.0.3 and earlier) that fails to escape the parsed content of build logs before rendering in the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability. The connected documents corroborate this as a stored XSS in BART ...
CVE-2022-45387
Jenkins BART Plugin 1.0.3 and earlier does not escape the parsed content of build logs before rendering it on the Jenkins UI, resulting in a stored cross-site scripting XSS vulnerability...
SolarWinds 2.0 Could Ignite Financial Crisis – Podcast
Could a cyberattack spark the next financial crisis? Following the calamitous, widespread SolarWinds attacks in April, that’s exactly what the New York State Department of Financial Services DFS has suggested. “This incident confirms that the next great financial crisis could come from a...
@bart.sk-ecommerce/node-touchstore-service (=1.0.17), @based/server (>=0.0.1 <=2.6.1) +156 more potentially affected by unknown CVE via squel (>=1.1.1 <=5.13.0)
squel NPM version =1.1.1, =0.0.1, =2.1.0, =1.1.2, =0.0.1, =2.0.0, =1.4.0, =0.1.1, =1.0.0, =0.11.4-canary.0f11eb2, =0.1.0, =0.0.1, =1.0.0, =1.0.15, =1.0.0, =1.2.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-4QHX-G9WP-G9M6...
Moderate: Red Hat Security Advisory: rh-sso7-keycloak security update
An update for rh-sso7-keycloak is now available for Red Hat Single Sign-On 7.1 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: rh-sso7-keycloak security update
An update for rh-sso7-keycloak is now available for Red Hat Single Sign-On 7.1 for RHEL 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
shib_auth Moderately Critical - Multiple vulnerabilities - SA-CONTRIB-2017-043
This module enables you to login via Shibboleth. The module doesn't sufficiently logout the user when the shib session expires, which depending on the caching mechanism makes private data public. This vulnerability is mitigated by the fact that shibauth would have to be used in combination with a...
RockLoader SQL Injection / Shell Upload
Exploit Title: RockLoader aka Bart Malware SQLi and shell file upload Date: 27-06-2016 Software Link Leak: https://github.com/colocation/RockLoader-source Exploit Author: Danail Velev Contact: ICQ: 209030 / [email protected] Website: http://colocation.bg/ Category: webapps / malware / private...