742 matches found
PT-2025-14156 · Otwthemes · Otwthemes Content Manager Light
Name of the Vulnerable Software and Affected Versions: OTWthemes Content Manager Light versions n/a through 3.2. Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting (XSS). This means that an attacker can injec...
WordPress plugin Content Manager Light cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
Security Bulletin: Unauthenticated Path Traversal security vulnerability CVE-2023-38366 in IBM Content Navigator in FileNet Content Manager
Summary Unauthenticated Path Traversal security vulnerability CVE-2023-38366 in Administration Console for Content Platform Engine ACCE/IBM Content Navigator ICN in FileNet Content Manager FNCM Vulnerability Details CVEID:CVE-2023-38366 DESCRIPTION: IBM Content Navigator could allow a remote...
Security Bulletin: Apache Axis1 CVE-2023-40743 security vulnerability in FileNet Content Manager, Process Engine Process Orchestration
Summary Apache Axis1 CVE-2023-40743 security vulnerability in FileNet Content Manager, Process Engine Process Orchestration. Affected, not vulnerable. Vulnerability Details CVEID:CVE-2023-40743 DESCRIPTION: UNSUPPORTED WHEN ASSIGNED When integrating Apache Axis 1.x in an application, it may not...
Security Bulletin: Oracle Outside In Technology (OIT) Security Vulnerabilities - July 2024
Summary Oracle Outside In Technology OIT Security Vulnerabilities CVE-2023-45853 and CVE-2023-52425 - Resolved in July 2024 Oracle OIT v8.5.7 BP3 p36705510 Vulnerability Details CVEID:CVE-2023-45853 DESCRIPTION: MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer...
Security Bulletin: ThoughtWorks XStream CVE-2024-47072 security vulnerability in FileNet Content Manager (FNCM) Content Search Services (CSS)
Summary ThoughtWorks XStream CVE-2024-47072 security vulnerability in FileNet Content Manager (FNCM) Content Search Services (CSS) Vulnerability Details CVEID:CVE-2024-47072 DESCRIPTION: XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow in BinaryStreamDriver. By...
CVE-2024-1973
By leveraging the vulnerability, lower-privileged users of Content Manager can manipulate Content Manager clients to elevate privileges and perform unauthorized operations...
Piranha CMS security vulnerability
Piranha CMS is an open source, .Net5-friendly, editor-centric CMS. A security vulnerability exists in Piranha CMS version 11.1, which stems from a stored cross-site scripting vulnerability that allows a remote attacker to execute arbitrary JavaScript in a user's web browser...
Security Bulletin: Apache uimaj-core.jar security vulnerability CVE-2017-15691
Summary Apache uimaj-core.jar security vulnerability CVE-2017-15691 in FileNet Content Manager FNCM Content Search Services CSS/Enterprise Content Management Text Search ECMTS. CSS/ECMTS is affected and is potentially vulnerable. Vulnerability Details CVEID:CVE-2017-15691 DESCRIPTION: Apache uima...
CVE-2024-10863
Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation. This issue affects Secure Content Manager: from 10.1 before 24.4. End-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side...
CVE-2024-10863
CVE-2024-10863 concerns OpenText Secure Content Manager on Windows. It is an Insufficient Logging vulnerability that can enable Audit Log Manipulation on the client side. Affected range includes OpenText Secure Content Manager versions from 10.1 up to, but not including, 24.4 (per the primary des...
CVE-2024-10863 Client-side audit exclusion vulnerability
Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation. This issue affects Secure Content Manager: from 10.1 before 24.4. End-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side...
OpenText Secure Content Manager security vulnerability
OpenText Secure Content Manager is an enterprise content management solution from OpenText Canada. A security vulnerability exists in OpenText Secure Content Manager version 24.3 and earlier, which stems from the presence of a client-side audit exclusion vulnerability that could be exploited to...
Security Bulletin: Security vulnerability CVE-2024-39689 in Certifi python-certifi that is used by FileNet Content Manager and CP4BA - Filenet Content Manager Component
Summary Security vulnerability CVE-2024-39689 in Certifi python-certifi that is used by FileNet Content Manager and CP4BA - Filenet Content Manager Component in container Operator Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi python-certifi could provide weaker than expected...
Security Bulletin: FileNet Content Manager (FNCM) Content Platform Engine (CPE) user may gain authorization privileges of another user in specific cases
Summary FileNet Content Manager (FNCM) Content Platform Engine (CPE) user may gain authorization privileges of another user in specific cases Vulnerability Details CVEID:CVE-2023-47716 DESCRIPTION: IBM CP4BA - Filenet Content Manager Component could allow a user to gain the privileges of another user...
Ampache cross-site scripting vulnerability
Ampache is an open source web-based audio/video application and file manager from Ampache. A cross-site scripting vulnerability exists in Ampache prior to version 6.6.0, which stems from a stored cross-site scripting vulnerability in the "Playlists - Democratic - Configure Democratic Playlist"...
@beardeddudes/strapi-types (=0.1.0), @bimbeo160/admin (=4.12.2) +50 more potentially affected by CVE-2024-29181 via @strapi/plugin-content-manager (>=0.0.0-a230f29587d4a221c9c686ca4e467b3fb465631a <=4.19.0)
@strapi/plugin-content-manager NPM version =0.0.0-a230f29587d4a221c9c686ca4e467b3fb465631a, =4.12.2, =1.0.9, =1.0.0-alpha.0, =1.1.0, =4.12.4-lakileki.1, =3.5.2, =1.0.1, =1.1.0 - @purnamasari/strapi-plugin-firebase-auth =1.0.11 and more Source cves: CVE-2024-29181 Source advisory:...
PT-2024-22786 · Strapi · @Strapi/Plugin-Content-Manager +1
Name of the Vulnerable Software and Affected Versions: Strapi versions prior to 4.19.1 Description: The issue concerns Strapi, an open-source content management system. In affected versions, when a super admin creates a collection with an item associated to another collection, a user with the...
Security Bulletin: Content Manager Enterprise Edition for March 2024 - CVE-2023-3894
Summary Content Manager Enterprise Edition is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-389...