10 matches found
Debian: Security Advisory (DSA-5826-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM : PostfixAdmin vulnerabilities (USN-6550-1)
The remote Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6550-1 advisory. It was discovered that Smarty, that is integrated in the PostfixAdmin code, was not properly sanitizing user input when generatin...
MGASA-2023-0155 Updated php-smarty packages fix security vulnerability
Cross site scripting vulnerability in Javascript escaping. CVE-2023-28447 Additional bug fixes included. See referenced release notes for details...
Updated php-smarty packages fix security vulnerability
Cross site scripting vulnerability in Javascript escaping. CVE-2023-28447 Additional bug fixes included. See referenced release notes for details...
Mageia: Security Advisory (MGASA-2023-0155)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for php-Smarty (FEDORA-2023-199edf23f0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 36 : php-Smarty (2023-7490239652)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-7490239652 advisory. 3.1.48 - 2023-03-28 Security - Fixed Cross site scripting vulnerability in Javascript escaping. This addresses CVE-2023-28447. Fixed - Output buffer...
Fedora 37 : php-Smarty (2023-4b03f6cd8a)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-4b03f6cd8a advisory. 3.1.48 - 2023-03-28 Security - Fixed Cross site scripting vulnerability in Javascript escaping. This addresses CVE-2023-28447. Fixed - Output buffer...
CVE-2023-28447 Cross site scripting vulnerability in Javascript escaping in smarty/smarty
Smarty is a template engine for PHP. In affected versions smarty did not properly escape javascript code. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data,...
CVE-2023-28447
Smarty, a PHP templating engine, is affected by CVE-2023-28447 due to improper escaping of JavaScript code in affected versions. This could allow an attacker to execute arbitrary JavaScript in the context of a user’s browser session, potentially leading to unauthorized access to sensitive data, m...