66 matches found
PT-2026-32590
Name of the Vulnerable Software and Affected Versions: Talend JobServer (affected versions not specified); Talend Runtime versions prior to R2024-07-RT. Description: Unauthenticated remote code execution is possible via the JMX monitoring port. Recommendations: Require TLS client authentication for the...
EUVD-2024-45728
Malicious code in bioql PyPI...
EUVD-2021-30754
Malicious code in bioql PyPI...
EUVD-2021-27856
Malicious code in bioql PyPI...
EUVD-2022-48454
Malicious code in bioql PyPI...
MAL-2025-11289 Malicious code in @zalastax/nolb-esb (npm)
The package @zalastax/nolb-esb was found to contain malicious code...
MAL-2025-5078 Malicious code in esb-core-helpers (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in esb-core-helpers (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2024-51936
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eSparkBiz ESB Testimonials (esb-testimonials) allows Stored XSS. This issue affects ESB Testimonials: from n/a through <= 1.0.0...
CVE-2022-45589
All versions before 8.0.1-R2022-10-RT and 7.3.1-R2022-09-RT of the Talend ESB Runtime are potentially vulnerable to SQL Injection attacks in the provisioning service only. Users of the provisioning service should upgrade to either 8.0.1-R2022-10-RT or 7.3.1-R2022-09-RT or a later release and use ...
CVE-2024-51936
CVE-2024-51936 is a Stored XSS in the WordPress ESB Testimonials plugin (affected: 1.0.0 and earlier). Root cause: improper neutralization during web page generation. Impact per sources: stored script execution potentially affecting site visitors. Remediation: update to a fixed version (per PT Se...
CVE-2024-51936 WordPress ESB Testimonials plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Henry ESB Testimonials allows Stored XSS. This issue affects ESB Testimonials: from n/a through 1.0.0...
CVE-2024-51936 WordPress ESB Testimonials plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eSparkBiz ESB Testimonials (esb-testimonials) allows Stored XSS. This issue affects ESB Testimonials: from n/a through <= 1.0.0...
PT-2024-35069 · Unknown · Web Testimonials
Name of the Vulnerable Software and Affected Versions: ESB Testimonials versions 1.0.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored XSS. This means that an attacker can inject malicious scripts into the...
WordPress ESB Testimonials plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by SOPROBRO (Patchstack Alliance) in WordPress Plugin ESB Testimonials (versions <= 1.0.0)...
WordPress ESB Testimonials Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software: ESB Testimonials; Type: Plugin; Vulnerable versions: <= 1.0.0; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-51936; Patch priority: Low; CVSS severity: Low (6.5); PSID: 5578fdc416f3; Credits: SOPROBRO; Required privilege: Contributor...
VulnCheck KEV: CVE-2021-40684
Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or software running...
esb-splp.layanan.go.id Cross Site Scripting vulnerability OBB-3851993
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...