Lucene search
K

10 matches found

OpenVAS
OpenVAS
added 2024/12/11 12:0 a.m.18 views

Debian: Security Advisory (DSA-5826-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS7.1AI score0.01025EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/12/12 12:0 a.m.43 views

Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM : PostfixAdmin vulnerabilities (USN-6550-1)

The remote Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6550-1 advisory. It was discovered that Smarty, that is integrated in the PostfixAdmin code, was not properly sanitizing user input when generatin...

8.8CVSS7AI score0.04923EPSS
Exploits2References4
OSV
OSV
added 2023/04/24 12:20 a.m.12 views

MGASA-2023-0155 Updated php-smarty packages fix security vulnerability

Cross site scripting vulnerability in Javascript escaping. CVE-2023-28447 Additional bug fixes included. See referenced release notes for details...

7.1CVSS6.7AI score0.01025EPSS
Exploits0References6
Mageia
Mageia
added 2023/04/24 12:20 a.m.41 views

Updated php-smarty packages fix security vulnerability

Cross site scripting vulnerability in Javascript escaping. CVE-2023-28447 Additional bug fixes included. See referenced release notes for details...

7.1CVSS6.2AI score0.01025EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2023/04/24 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2023-0155)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS6.7AI score0.01025EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2023/04/16 12:0 a.m.26 views

Fedora: Security Advisory for php-Smarty (FEDORA-2023-199edf23f0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS6.6AI score0.01025EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/12 12:0 a.m.31 views

Fedora 36 : php-Smarty (2023-7490239652)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-7490239652 advisory. 3.1.48 - 2023-03-28 Security - Fixed Cross site scripting vulnerability in Javascript escaping. This addresses CVE-2023-28447. Fixed - Output buffer...

7.1CVSS7.2AI score0.01025EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/12 12:0 a.m.30 views

Fedora 37 : php-Smarty (2023-4b03f6cd8a)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-4b03f6cd8a advisory. 3.1.48 - 2023-03-28 Security - Fixed Cross site scripting vulnerability in Javascript escaping. This addresses CVE-2023-28447. Fixed - Output buffer...

7.1CVSS7.2AI score0.01025EPSS
Exploits0References2
OSV
OSV
added 2023/03/28 8:7 p.m.30 views

CVE-2023-28447 Cross site scripting vulnerability in Javascript escaping in smarty/smarty

Smarty is a template engine for PHP. In affected versions smarty did not properly escape javascript code. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data,...

7.1CVSS6.9AI score0.01025EPSS
Exploits0References8
CVE
CVE
added 2023/03/28 8:7 p.m.165 views

CVE-2023-28447

Smarty, a PHP templating engine, is affected by CVE-2023-28447 due to improper escaping of JavaScript code in affected versions. This could allow an attacker to execute arbitrary JavaScript in the context of a user’s browser session, potentially leading to unauthorized access to sensitive data, m...

7.1CVSS6.8AI score0.01025EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder