11 matches found
Security Bulletin: jQuery UI title/default content cross-site scripting (CVE-2012-6662 and CVE-2010-5312)
Question Security Bulletin: jQuery UI title/default content cross-site scripting CVE-2012-6662 and CVE-2010-5312 Answer Abstract: The jQuery UI is vulnerable to cross-site scripting which is caused by improper validation of user-supplied input as well as input by the default content. A remote...
Oracle: Security Advisory (ELSA-2015-1462)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 20 : dokuwiki-0-0.24.20140929c.fc20 (2015-3211)
This update fixes CVE-2015-2172 - There's a security hole in the ACL plugins remote API component. The plugin failes to check for superuser permissions before executing ACL addition or deletion. This means everybody with permissions to call the XMLRPC API also has permissions to set up their own...
Fedora Update for dokuwiki FEDORA-2015-3186
The remote host is missing an update for the Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 21 : dokuwiki-0-0.24.20140929c.fc21 (2015-3186)
This update fixes CVE-2015-2172 - There's a security hole in the ACL plugins remote API component. The plugin failes to check for superuser permissions before executing ACL addition or deletion. This means everybody with permissions to call the XMLRPC API also has permissions to set up their own...
Fedora 20 : drupal6-6.34-1.fc20 (2014-15519)
https://www.drupal.org/SA-CORE-2014-006 - Update to Drupal 6. - Drupal 6.33 release notes can be found here, https://www.drupal.org/drupal-6.33-release-notes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
Fedora Update for drupal6 FEDORA-2014-15519
Check the version of drupal6 SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868540";...
CVE-2012-6662
Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...
CVE-2012-6662
CVE-2012-6662 is a cross-site scripting (XSS) vulnerability in the default content option of jquery.ui.tooltip.js (Tooltip widget) in jQuery UI before 1.10.0. The issue allows remote attackers to inject arbitrary script/HTML via the title attribute, exploitable through the autocomplete combo box ...
CVE-2012-6662
Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...
CVE-2012-6662
Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...