EUVD-2022-28069

Malicious code in bioql PyPI...

Malicious code in @malware-test-afire-amass-hover-boxer/test-mlw3-afire-amass-hover-boxer (npm)

The package @malware-test-afire-amass-hover-boxer/test-mlw3-afire-amass-hover-boxer was found to contain malicious code...

CVE-2022-22944

VMware Workspace ONE Boxer contains a stored cross-site scripting XSS vulnerability. Due to insufficient sanitization and validation, in VMware Workspace ONE Boxer calendar event descriptions, a malicious actor can inject script tags to execute arbitrary script within a user's window...

boxer-klubben.dk Cross Site Scripting vulnerability OBB-3942728

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2022-22944

VMware Workspace ONE Boxer contains a stored cross-site scripting XSS vulnerability. Due to insufficient sanitization and validation, in VMware Workspace ONE Boxer calendar event descriptions, a malicious actor can inject script tags to execute arbitrary script within a user's window...

CVE-2022-22944

VMware Workspace ONE Boxer contains a stored cross-site scripting XSS vulnerability. Due to insufficient sanitization and validation, in VMware Workspace ONE Boxer calendar event descriptions, a malicious actor can inject script tags to execute arbitrary script within a user's window...

Cross site scripting

VMware Workspace ONE Boxer contains a stored cross-site scripting XSS vulnerability. Due to insufficient sanitization and validation, in VMware Workspace ONE Boxer calendar event descriptions, a malicious actor can inject script tags to execute arbitrary script within a user's window...

CVE-2022-22944

CVE-2022-22944 affects VMware Workspace ONE Boxer. The issue is a stored XSS in calendar event descriptions caused by insufficient sanitization/validation, enabling injection of script tags. Several sources corroborate a stored XSS vulnerability in Boxer, with VMware’s advisory VMSA-2022-0006 sta...

CVE-2022-22944

VMware Workspace ONE Boxer contains a stored cross-site scripting XSS vulnerability. Due to insufficient sanitization and validation, in VMware Workspace ONE Boxer calendar event descriptions, a malicious actor can inject script tags to execute arbitrary script within a user's window...

Vmware Workspace One Boxer 跨站脚本漏洞

Vmware Workspace One Boxer is a mobile email application for AirWatch and Workspace One customers from Vmware USA. VMWare Workspace ONE Boxer suffers from a cross-site scripting vulnerability that stems from user-supplied data not being adequately processed. An attacker could exploit the...

VMware Workspace ONE Boxer update addresses a stored cross-site scripting (XSS) vulnerability (CVE-2022-22944)

3a. VMware Workspace ONE Boxer update addresses a stored cross-site scripting XSS vulnerability CVE-2022-22944 VMware Workspace ONE Boxer contains a stored cross-site scripting XSS vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum...

VMware Boxer - Base64 encoded String, Customized SSL, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application VMware Boxer published at the 'play' market has multiple vulnerabilities...

Boxer Calendar - Customized SSL, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Boxer Calendar published at the 'play' market has multiple vulnerabilities...

Fake Instagram App Could Cost Unsuspecting Android Users

Malware writers are taking advantage of the popularity of the Instagram photo application to distribute a form of malware that can send background SMS texts from Android devices. Instead of downloading the app from Android’s marketplace, Google Play, some users are being duped into downloading a...