6 matches found
CVE-2023-6146
A Qualys web application was found to have a stored XSS vulnerability resulting from the absence of HTML encoding in the presentation of logging information to users. This vulnerability allowed a user with login access to the application to introduce XSS payload via browser details...
CVE-2023-6146
A Qualys web application was found to have a stored XSS vulnerability resulting from the absence of HTML encoding in the presentation of logging information to users. This vulnerability allowed a user with login access to the application to introduce XSS payload via browser details...
CVE-2023-6146 Stored XSS Vulnerability in QualysGuard VM/PC
A Qualys web application was found to have a stored XSS vulnerability resulting from the absence of HTML encoding in the presentation of logging information to users. This vulnerability allowed a user with login access to the application to introduce XSS payload via browser details...
CVE-2023-6146 Stored XSS Vulnerability in QualysGuard VM/PC
A Qualys web application was found to have a stored XSS vulnerability resulting from the absence of HTML encoding in the presentation of logging information to users. This vulnerability allowed a user with login access to the application to introduce XSS payload via browser details...
Mozilla: CSRF to Information disclosure on password reset
The vulnerability allowed an attacker to obtain the victim's IP address and browser details by tricking the victim into clicking on a malicious password reset link. The vulnerability was caused by a cross-site request forgery CSRF in the password reset functionality...
webridge application suite gives up too much error information on Internal Server Error
Hi. I accidently come across this error yesterday. Im not sure what to class it as but it sure is a bug of some kind. This occurred because I tried to view some pages on the site and forgot to remove the trailing slash so it had // at the end of the URL. Still it should not give up this informati...