10 matches found
EUVD-2022-25101
Malicious code in bioql PyPI...
CVE-2022-1825
Cross-site Scripting XSS - Reflected in GitHub repository collectiveaccess/providence prior to 1.8...
CVE-2022-1825
Cross-site Scripting XSS - Reflected in GitHub repository collectiveaccess/providence prior to 1.8...
CVE-2022-1825 Cross-site Scripting (XSS) - Reflected in collectiveaccess/providence
Cross-site Scripting XSS - Reflected in GitHub repository collectiveaccess/providence prior to 1.8...
CVE-2022-1825 Cross-site Scripting (XSS) - Reflected in collectiveaccess/providence
Cross-site Scripting XSS - Reflected in GitHub repository collectiveaccess/providence prior to 1.8...
Cross-site Scripting (XSS) - Stored in collectiveaccess/providence
Description stored xss via event name Proof of Concept Plz check this 1 minute video to reproduce the bug https://drive.google.com/file/d/1iMDosuZYYmFyJEVxXo7KB09TghKPs-7/view?usp=sharing \ Here i uses bellow xss payload xss2"'onmouseover=prompt;// Impact Stored xss...
Cross-site Scripting (XSS) - Reflected in collectiveaccess/providence
Description Reflected XSS in form Search Proof of Concept // PoC.js POST /find/QuickSearch/Index HTTP/1.1 Host: demo.collectiveaccess.org Cookie: cademo=5b9d06b7-3860-477d-9d53-85e6b2b1ae99; CAcademouilocale=enUS User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.15; rv:93.0 Gecko/20100101...
Open Redirect in collectiveaccess/providence
Description Open Redirect on Login with parameter ?redirect= Proof of Concept // PoC.request POST /system/Auth/DoLogin HTTP/1.1 Host: demo.collectiveaccess.org Cookie: cademo=ea7632ab-0ad8-4b0f-939f-9e292f232ff6; CAcademouilocale=enUS User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.15; rv:93...
Cross site scripting
Cross-site scripting XSS vulnerability in CollectiveAccess Providence and Pawtucket before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-4507
CVE-2013-4507 affects CollectiveAccess Providence and Pawtucket up to version 1.3.0. The vulnerability is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The root cause is a reflected/stored XSS issue in the web interf...