4 matches found
Cross Site Scripting (XSS)
ibexa/fieldtype-richtext is vulnerable to Cross Site Scripting XSS. The vulnerability is due to insufficient input validation due to a blacklist approach that can be circumvented by using uppercase characters. This allows attackers with content editing permissions to inject malicious scripts into...
Code injection
The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.1 did not properly check for imported files, forbidding certain extension via a blacklist approach, allowing administrator to import an archive with a .php4 inside for example, leading to RCE...
Cross-Site Scripting (XSS)
sentry is vulnerable to Cross-Site Scripting XSS. The vulnerability exists due to the usage of a blacklist approach instead of a whitelist approach. It is possible for an adversary to create links which can cause JavaScript code to be executed...
Lavarel-Security XSS Filter Bypass Vulnerability
Lavarel-Security cross site scripting filter suffers from a bypass vulnerability. Product: Lavarel-Security XSS Filter Bypass Vulnerability: Mutation Based XSS Bypass Impact: Medium/High Authors: Rafay Baloch Company: RHAinfoSEC Website: http://rhainfosec.com Status: Fixed ========= Description...