4 matches found
EulerOS 2.0 SP8 : libtiff (EulerOS-SA-2023-1599)
According to the versions of the libtiff packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file...
CVE-2022-4828
CVE-2022-4828 affects Bold Timeline Lite for WordPress prior to 1.1.5. The issue arises from not validating/escaping certain shortcode attributes, enabling Stored XSS via shortcodes. Impact vector: low-privilege users (Contributor) can inject payloads that could affect high-privilege users (admin...
CVE-2022-4828 Bold Timeline Lite < 1.1.5 - Contributor+ Stored XSS via Shortcode
The Bold Timeline Lite WordPress plugin before 1.1.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
WordPress Bold Timeline Lite Plugin < 1.1.5 is vulnerable to Cross Site Scripting (XSS)
Software Bold Timeline Lite Type Plugin Vulnerable versions 1.1.5 Fixed in 1.1.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4828 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 0317e30acfa3 Credits István Márton...