Lucene search
K

11 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/12/08 5:46 a.m.39 views

Security Bulletin: jQuery UI title/default content cross-site scripting (CVE-2012-6662 and CVE-2010-5312)

Question Security Bulletin: jQuery UI title/default content cross-site scripting CVE-2012-6662 and CVE-2010-5312 Answer Abstract: The jQuery UI is vulnerable to cross-site scripting which is caused by improper validation of user-supplied input as well as input by the default content. A remote...

6.1CVSS0.2AI score0.18351EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.27 views

Oracle: Security Advisory (ELSA-2015-1462)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.9AI score0.18351EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/03/27 12:0 a.m.57 views

Fedora 20 : dokuwiki-0-0.24.20140929c.fc20 (2015-3211)

This update fixes CVE-2015-2172 - There's a security hole in the ACL plugins remote API component. The plugin failes to check for superuser permissions before executing ACL addition or deletion. This means everybody with permissions to call the XMLRPC API also has permissions to set up their own...

6.5CVSS6.1AI score0.06463EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/03/27 12:0 a.m.28 views

Fedora Update for dokuwiki FEDORA-2015-3186

The remote host is missing an update for the Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.3AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/27 12:0 a.m.55 views

Fedora 21 : dokuwiki-0-0.24.20140929c.fc21 (2015-3186)

This update fixes CVE-2015-2172 - There's a security hole in the ACL plugins remote API component. The plugin failes to check for superuser permissions before executing ACL addition or deletion. This means everybody with permissions to call the XMLRPC API also has permissions to set up their own...

6.5CVSS6.1AI score0.06463EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/12/03 12:0 a.m.33 views

Fedora 20 : drupal6-6.34-1.fc20 (2014-15519)

https://www.drupal.org/SA-CORE-2014-006 - Update to Drupal 6. - Drupal 6.33 release notes can be found here, https://www.drupal.org/drupal-6.33-release-notes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...

6.8CVSS6AI score0.06463EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2014/12/03 12:0 a.m.28 views

Fedora Update for drupal6 FEDORA-2014-15519

Check the version of drupal6 SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868540";...

6.8CVSS6.3AI score0.02458EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2014/11/24 4:59 p.m.33 views

CVE-2012-6662

Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...

4.3CVSS6.5AI score0.06463EPSS
Exploits0References1
CVE
CVE
added 2014/11/24 4:0 p.m.347 views

CVE-2012-6662

CVE-2012-6662 is a cross-site scripting (XSS) vulnerability in the default content option of jquery.ui.tooltip.js (Tooltip widget) in jQuery UI before 1.10.0. The issue allows remote attackers to inject arbitrary script/HTML via the title attribute, exploitable through the autocomplete combo box ...

4.3CVSS5.8AI score0.06463EPSS
Exploits0References11Affected Software4
Cvelist
Cvelist
added 2014/11/24 4:0 p.m.27 views

CVE-2012-6662

Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...

6AI score0.06463EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2014/11/24 4:0 p.m.32 views

CVE-2012-6662

Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...

4.3CVSS6.1AI score0.06463EPSS
Exploits0
Rows per page
Query Builder