5 matches found
DRUPAL-CONTRIB-2023-028
This module enables you to render a field in an expandable/collapsible region. The module doesn't sufficiently sanitize the field content when displaying it to an end user. This vulnerability is mitigated by the fact that an attacker must have a role capable of creating content that uses the fiel...
Expandable Formatter - Moderately critical - Cross Site Scripting - SA-CONTRIB-2023-028
This module enables you to render a field in an expandable/collapsible region. The module doesn't sufficiently sanitize the field content when displaying it to an end user. This vulnerability is mitigated by the fact that an attacker must have a role capable of creating content that uses the fiel...
PT-2023-25176 · Amazon · @Aws-Cdk/Aws-Eks +2
Name of the Vulnerable Software and Affected Versions: aws-cdk-lib versions 2.0.0 through 2.80.0; @aws-cdk/aws-eks versions 1.57.0 through 1.202.0. Description: The issue concerns the AWS Cloud Development Kit (AWS CDK), an open-source software development framework. In the affected packages,...
DRUPAL-CONTRIB-2019-092
The Smart Trim module allows site builders additional control with text summary fields. The module doesn't sufficiently filter text when certain options are selected. This vulnerability is mitigated by the fact that an attacker must have a role with the ability to create content on the site when...
wildfly-core: Cross-site scripting (XSS) in JBoss Management Console
A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users...