32 matches found
CVE-2021-20813
Cross-site scripting vulnerability in Edit screen of Content Data of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series and Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series allows remote attackers to inject arbitrary script or HTML via unspecified vector...
CVE-2021-20813
Cross-site scripting vulnerability in Edit screen of Content Data of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series and Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series allows remote attackers to inject arbitrary script or HTML via unspecified vector...
Cross site scripting
Cross-site scripting vulnerability in Edit screen of Content Data of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series and Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series allows remote attackers to inject arbitrary script or HTML via unspecified vector...
CVE-2021-20813
Cross-site scripting vulnerability in Edit screen of Content Data of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series and Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series allows remote attackers to inject arbitrary script or HTML via unspecified vector...
CVE-2021-20813
Cross-site scripting vulnerability in Edit screen of Content Data of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series and Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series allows remote attackers to inject arbitrary script or HTML via unspecified vector...
CVE-2021-20813
CVE-2021-20813 is a cross-site scripting vulnerability in Movable Type’s Edit screen for Content Data. Affected products include Movable Type 7 (r4903 and earlier) and Movable Type Advanced 7 (r4903 and earlier). The flaw allows remote attackers to inject arbitrary script or HTML via unspecified ...
Multiple cross-site scripting vulnerabilities in Movable Type
Overview Movable Type provided by Six Apart Ltd. contains multiple cross-site scripting vulnerabilities listed below. Cross-site scripting vulnerability in Search screen CWE-79 - CVE-2021-20808 Cross-site scripting vulnerability in Create screens of Entry, Page, and Content Type CWE-79 -...
jsrsasign
This is an open-source JavaScript library called jsrsasign, which provides cryptographic functions for RSA/RSAPSS/ECDSA/DSA signing and validation, ASN.1, PKCS1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, and CAdES. The library is available on Node.js and...
Revotech I6032B-P Remote Configuration Disclosure
!/usr/bin/perl Revotech I6032B-P POE 1920x1080P 2.0MP Outdoor Camera Remote Configuration Disclosure Copyright 2020 c Todor Donev https://donev.eu/ Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially th...
Requests for Yahoo User Data Spiked After Paris Terror Attacks
Yahoo’s latest transparency report, published today, reflects a spike in government and law enforcement requests for user data following the Paris terrorist attacks of Nov. 13. The attacks resulted in the deaths of 130 people and injuries to more than 350 others; the situation remains fluid with...
New Verizon Transparency Report Shows Large Government Appetite for Location, Content Data
Verizon said in a new transparency report that though the number of some kinds of orders dropped–including wiretap orders and warrants–others rose, including general orders and pen register and trap and trace orders, and the company received nearly 150,000 total orders in the first half of 2014...
Yahoo Transparency Report Reveals More Than 12K U.S. Government Data Requests
Following the lead of Google, Twitter and other major Internet companies, Yahoo has issued its first transparency report, revealing that it received more than 12,000 requests for user data from the U.S. government in the first half of 2013. The company disclosed user content in nearly a third of...