7 matches found
EUVD-2024-3451
Malicious code in bioql PyPI...
CVE-2024-53864
Ibexa Admin UI Bundle is all the necessary parts to run the Ibexa DXP Back Office interface. The Content name pattern is used to build Content names from one or more fields. An XSS vulnerability has been found in this mechanism. Content edit permission is required to exploit it. After the fix, an...
CVE-2024-53864 Cross-site Scripting in a field that is used in the Content name pattern in ibexa/admin-ui
Ibexa Admin UI Bundle is all the necessary parts to run the Ibexa DXP Back Office interface. The Content name pattern is used to build Content names from one or more fields. An XSS vulnerability has been found in this mechanism. Content edit permission is required to exploit it. After the fix, an...
CVE-2024-53864 Cross-site Scripting in a field that is used in the Content name pattern in ibexa/admin-ui
Ibexa Admin UI Bundle is all the necessary parts to run the Ibexa DXP Back Office interface. The Content name pattern is used to build Content names from one or more fields. An XSS vulnerability has been found in this mechanism. Content edit permission is required to exploit it. After the fix, an...
CVE-2024-53864
CVE-2024-53864 describes an XSS vulnerability in the Ibexa Admin UI Bundle, specifically in the Content name pattern mechanism used to build content names from multiple fields. Exploitation requires content edit permissions, and the issue allows injection of malicious scripts via the Content name...
CVE-2024-53864 Cross-site Scripting in a field that is used in the Content name pattern in ibexa/admin-ui
Ibexa Admin UI Bundle is all the necessary parts to run the Ibexa DXP Back Office interface. The Content name pattern is used to build Content names from one or more fields. An XSS vulnerability has been found in this mechanism. Content edit permission is required to exploit it. After the fix, an...
DRUPAL-CONTRIB-2022-046
The Lottiefiles Field module enables you to integrate the lottiefiles features into your page. The module does not sufficiently filter user-provided text on output, resulting in a Cross-Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role...