26 matches found
EUVD-2022-24667
Malicious code in bioql PyPI...
EUVD-2022-24984
Malicious code in bioql PyPI...
CVE-2022-1909
Cross-site Scripting XSS - Stored in GitHub repository causefx/organizr prior to 2.1.2200...
CVE-2022-1909
CVE-2022-1909 is an XSS vulnerability in Organizr (causefx/organizr) prior to version 2.1.2200. The issue is a stored XSS via inputs in image-related fields (e.g., Tab Image and Group Image) that can inject JavaScript. The root cause is user-supplied content being stored and later rendered in the...
CVE-2022-1909 Cross-site Scripting (XSS) - Stored in causefx/organizr
Cross-site Scripting XSS - Stored in GitHub repository causefx/organizr prior to 2.1.2200...
CVE-2022-1909 Cross-site Scripting (XSS) - Stored in causefx/organizr
Cross-site Scripting XSS - Stored in GitHub repository causefx/organizr prior to 2.1.2200...
CVE-2022-1698
Allowing long password leads to denial of service in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications...
CVE-2022-1699
Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications...
Code injection
Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications...
CVE-2022-1698
CVE-2022-1698 affects Organizr versions prior to 2.1.2000. The root cause is that accepting extremely long passwords causes CPU/memory exhaustion during hashing, enabling denial of service for genuine users. Public sources in the connected documents confirm the vulnerability leads to DoS and indi...
CVE-2022-1698 Allowing long password leads to denial of service in causefx/organizr
Allowing long password leads to denial of service in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications...
CVE-2022-1699
CVE-2022-1699 affects the Organizr project (causefx/organizr) prior to version 2.1.2000. The issue is described as Uncontrolled Resource Consumption that can be abused to perform a denial-of-service (DoS) , potentially preventing genuine users from accessing resources/applications. Public documen...
CVE-2022-1699 Uncontrolled Resource Consumption in causefx/organizr
Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications...
CVE-2022-1699 Uncontrolled Resource Consumption in causefx/organizr
Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications...
CVE-2022-1347
Stored XSS in the "Username" & "Email" input fields leads to account takeover of Admin & Co-admin users in GitHub repository causefx/organizr prior to 2.1.1810. Account takeover and privilege escalation...
CVE-2022-1347
Stored XSS in the "Username" & "Email" input fields leads to account takeover of Admin & Co-admin users in GitHub repository causefx/organizr prior to 2.1.1810. Account takeover and privilege escalation...
CVE-2022-1345
Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse...
Cross site scripting
Stored XSS in the "Username" & "Email" input fields leads to account takeover of Admin & Co-admin users in GitHub repository causefx/organizr prior to 2.1.1810. Account takeover and privilege escalation...
CVE-2022-1347 Stored XSS in the "Username" & "Email" input fields leads to account takeover of Admin & Co-admin users in causefx/organizr
Stored XSS in the "Username" & "Email" input fields leads to account takeover of Admin & Co-admin users in GitHub repository causefx/organizr prior to 2.1.1810. Account takeover and privilege escalation...
CVE-2022-1346
Multiple Stored XSS in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse...