Apache Airflow Cross-Site Scripting Vulnerability (CNVD-2020-44095)

Apache Airflow is the United States Apache Apache Software Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A cross-site scripting vulnerability exists in the Chart page of the...

CVE-2020-1018

An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page.The attacker who successfully exploited the vulnerability could see the information that are in a mask...

Description of the security update for Microsoft Dynamics NAV 2015: April 14, 2020

Description of the security update for Microsoft Dynamics NAV 2015: April 14, 2020 An information disclosure vulnerability exists if Microsoft Dynamics Business Central/NAV on-premises does not correctly hide the value of a masked field when it displays the records as a chart page. To learn more...

Cumulative Update 11 for Microsoft Dynamics 365 Business Central April'19 on-premises (Application Build 14.12.41935, Platform Build 14.0.41862)

Cumulative Update 11 for Microsoft Dynamics 365 Business Central April'19 on-premises Application Build 14.12.41935, Platform Build 14.0.41862 This article applies to Microsoft Dynamics 365 Business Central Spring 2019 Update on-premises deployments for all countries and all language locales. An...

foreman: Stored XSS in fact name or value

An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: 1 Facts page, when clicking on the "chart" button and hovering over the chart; 2 Trends page, when checking the graph for a trend based on a such fact; 3 Statistics page, for facts that are...