18 matches found
CVE-2026-2735
Stored Cross-Site Scripting XSS in Alkacon's OpenCms v18.0, which occurs when user input is not properly validated when sending a POST request to ‘/blog/new-article/org.opencms.ugc.CmsUgcEditService.gwt’ using the ‘text’ parameter...
CVE-2026-2735 Stored Cross-Site Scripting (XSS) vulnerability in Alkacon's OpenCms
Stored Cross-Site Scripting XSS in Alkacon's OpenCms v18.0, which occurs when user input is not properly validated when sending a POST request to ‘/blog/new-article/org.opencms.ugc.CmsUgcEditService.gwt’ using the ‘text’ parameter...
CVE-2026-2735 Stored Cross-Site Scripting (XSS) vulnerability in Alkacon's OpenCms
Stored Cross-Site Scripting XSS in Alkacon's OpenCms v18.0, which occurs when user input is not properly validated when sending a POST request to ‘/blog/new-article/org.opencms.ugc.CmsUgcEditService.gwt’ using the ‘text’ parameter...
CVE-2026-2735
CVE-2026-2735 describes a Stored XSS in Alkacon’s OpenCms v18.0. The vulnerability occurs when user input is not properly validated in a POST request to /blog/new-article/org.opencms.ugc.CmsUgcEditService.gwt using the text parameter. According to the record, the impact is limited to the vulnerab...
EUVD-2024-41743
Malicious code in bioql PyPI...
Server-Side Request Forgery (SSRF)
Apache Ranger is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to improper input validation due to the Edit Service Page in the UI allowing crafted requests that can trigger unintended internal or external network calls...
GHSA-G9GF-G5JQ-9H3V Apache Ranger UI vulnerable to Server Side Request Forgery
SSRF vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue...
GHSA-VRX2-MGR9-V67H Apache Ranger has Stored Cross-site Scripting vulnerability in Edit Service Page
Stored XSS vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue...
CVE-2024-45479 Apache Ranger: SSRF in Edit Service page - Add logic to filter requests to localhost
SSRF vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue...
CVE-2024-45479
Apache Ranger UI (v2.4.0) contains an SSRF vulnerability in the Edit Service Page. The root cause is improper input validation that allows crafted requests to trigger unintended internal or external network calls. This vulnerability is classified with high impact (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S...
CVE-2024-45479 Apache Ranger: SSRF in Edit Service page - Add logic to filter requests to localhost
SSRF vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue...
CVE-2024-45478 Apache Ranger: Stored XSS in Edit Service page - Add logic to validate user input
Stored XSS vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue...
CVE-2024-45478 Apache Ranger: Stored XSS in Edit Service page - Add logic to validate user input
Stored XSS vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue...
CVE-2024-45478
CVE-2024-45478 describes a stored cross-site scripting (XSS) vulnerability in the Edit Service Page of Apache Ranger UI, specifically affecting Apache Ranger UI version 2.4.0. The underlying issue is lack of proper input filtering/escaping on user-supplied data. The recommended remediation is to ...
Apache Ranger 输入验证错误漏洞
Apache Ranger is a set of architectures from the U.S.-based Apache Foundation for implementing comprehensive security measures for Hadoop clusters. The product provides centralized security policy management for core enterprise security requirements such as authorization, billing and data...
Apache Ranger 输入验证错误漏洞
Apache Ranger is a set of architectures from the Apache USA Foundation that implement comprehensive security measures for Hadoop clusters. The product provides centralized security policy management for core enterprise security requirements such as authorization, billing, and data protection. An...
Cross site scripting
Cross-site scripting XSS vulnerability in SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to inject arbitrary web script or HTML via the ServiceClass field to the Edit Service Parameters page...
CVE-2010-3981
Cross-site scripting XSS vulnerability in SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to inject arbitrary web script or HTML via the ServiceClass field to the Edit Service Parameters page...