Lucene search
K

5 matches found

CVE
CVE
added 2025/11/18 12:0 a.m.12 views

CVE-2025-63693

CVE-2025-63693 affects DzzOffice 2.3.x. The vulnerability resides in the comment editing template (dzz/comment/template/edit_form.htm), which does not adequately escape user-controllable data across HTML and JavaScript contexts. This can allow low-privilege attackers to craft comment content or r...

5.4CVSS7AI score0.00154EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/06/13 8:41 p.m.7 views

GHSA-FF6V-W58F-V97W XWiki provides no warning when granting XWiki.Notifications.Code.NotificationEmailRendererClass admin right

Impact When a user without script right creates a document with an XWiki.Notifications.Code.NotificationEmailRendererClass object, and later an admin edits and saves that document, the email templates in this object will be used for notifications. No malicious code can be executed, though, as whi...

5.1CVSS7.2AI score0.00228EPSS
Exploits1References5
Atlassian
Atlassian
added 2014/01/24 1:21 a.m.17 views

XSS on several select lists

Steps to reproduce: -Create a new issue type -Add "alert'Issue name' as Issue name mind the qoute at the beginning -Add "alert'Issue desc' as Issue Description -Add /images/icons/issuetypes/genericissue.png "alert'Issue icon' as Issue Icon -Make sure that this issue type is available on your...

1.3AI score
Exploits0
Exploit DB
Exploit DB
added 2011/10/19 12:0 a.m.40 views

Openemr-4.1.0 - SQL Injection

Exploit Title: Openemr-4.1.0 SQL injection Vulnerability Date: 2011/10/18 Author: I2sec-dae jin Oh Software Link: http://sourceforge.net/projects/openemr/files/OpenEMR%20Current/4.1.0/openemr-4.1.0.zip/download Vendor : www.open-emr.com Version: Openemr-4.1.0 Tested on: Windows 7...

7AI score
Exploits0
Atlassian
Atlassian
added 2008/02/08 2:18 p.m.22 views

Seperate label permissions from edit issue permission

In 3.11 the labels plugin changed so that manipulating labels required the "Edit Issue" permission. This drastically impacted our organizations workflow, as we'd just introduced labels in our previous upgrade, and we don't give "edit issues" to all users, but we do want all authenticated users to...

1.9AI score
Exploits0Affected Software1
Rows per page
Query Builder