4 matches found
CVE-2018-25119
Nagios Fusion versions prior to 4.1.5 are vulnerable to cross-site scripting XSS via the "fusionwindow" parameter. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
Adobe Dimension < 4.1.5 Multiple Arbitrary code execution (APSB25-103) (macOS)
The version of Adobe Dimension installed on the remote macOS host is prior to 4.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-103 advisory. - Use After Free CWE-416 potentially leading to Arbitrary code execution CVE-2025-61801 - Out-of-bounds Read CWE-12...
PT-2021-11765 · Unknown · Kk Star Ratings
Name of the Vulnerable Software and Affected Versions: kk Star Ratings plugin versions prior to 4.1.5 Description: The issue is related to a Cross Site Scripting XSS vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into a website, potentially leading to...
GHSA-45VG-2V73-VM62 Moderate severity vulnerability that affects org.springframework:spring-core
The Java SockJS client in Pivotal Spring Framework 4.1.x before 4.1.5 generates predictable session ids, which allows remote attackers to send messages to other sessions via unspecified vectors...