5 matches found
EUVD-2025-27577
Malicious code in bioql PyPI...
CVE-2025-59035
Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. Prior to version 3.3.8, there is a Cross-Site-Scripting vulnerability when rendering LaTeX math code in contribution or abstract descriptions. Users should to update to Indico 3.3.8 as...
PT-2025-37075
Name of the Vulnerable Software and Affected Versions: Indico versions prior to 3.3.8 Description: Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. A Cross-Site-Scripting issue exists when rendering LaTeX math code in contribution or...
GHSA-FMQQ-25X9-C6HM Indico vulnerable to Cross-Site-Scripting via confirmation prompts
Impact There is a Cross-Site-Scripting vulnerability in confirmation prompts commonly used when deleting content from Indico. Exploitation requires someone with at least submission privileges such as a speaker and then someone else to attempt to delete this content. Considering that event...
ICSJWG Call for Abstracts
The Industrial Control Systems Joint Working Group ICSJWG—a collaborative and coordinating body operating under the Critical Infrastructure Partnership Advisory Council CIPAC framework—has issued a call for abstracts to be presented at the ICSJWG Spring Meeting in Albuquerque, New Mexico, April...