EUVD-2021-26979

Malware in sbrugna...

USN-7647-1 ledgersmb vulnerabilities

It was discovered that LedgerSMB did not check the origin of HTML fragments. An attacker could possibly use this issue to send a maliciously crafted URL to the server and obtain sensitive information, or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubun...

Cross-site Scripting (XSS)

Overview org.wso2.carbon.identity.framework:org.wso2.carbon.identity.user.store.configuration.ui is an User Store UI component for WSO2 Carbon Affected versions of this package are vulnerable to Cross-site Scripting XSS due to insufficient output encoding in error messages generated by the JDBC...

CVE-2021-32668

TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When error messages are not properly encoded, the components QueryGenerator and QueryView are vulnerable to...

LedgerSMB 跨站脚本漏洞

LedgerSMB is a free web-based double-entry bookkeeping system with quoting, ordering, invoicing, projects, time cards, inventory management, shipping, etc. A cross-site scripting vulnerability exists in LedgerSMB, which stems from the application's failure to adequately encode HTML for error...

Zend Server Zend Debugger Cross-Site Scripting Vulnerability

Zend Server is a PHP Web development application server from Zend Technologies , which simplifies the development and running of PHP applications in Windows and Linux environments.Zend Debugger is one of the debugging tools. A cross-site scripting vulnerability exists in Zend Debugger in versions...