4 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
CVE-2023-28813
An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious files...
Open redirect
SAP Solution Manager Trace Analysis, version - 720, allows for misuse of a parameter in the application URL leading to Open Redirect vulnerability, an attacker can enter a link to malicious site which could trick the user to enter credentials or download malicious software, as a parameter in the...
Chaturbate: Missing CSRF Protection in /stats EndPoint.
EndPoint /affiliates/stats. doesnot verify the CSRF Tokens Steps To Reproduce: 1. Login with the your account 2. Navigate to the URL https://chaturbate.com/affiliates/stats.. 3. Check the stats in default its todays date or this week in select period. 4. Intercept the request and change the...