8 matches found
Mageia: Security Advisory (MGASA-2024-0258)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-31868 Apache Zeppelin: XSS vulnerability in the helium module
Improper Encoding or Escaping of Output vulnerability in Apache Zeppelin. The attackers can modify helium.json and exposure XSS attacks to normal users. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes the issue...
Froxlor vulnerable to Improper Encoding or Escaping of Output
Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21...
CVE-2023-3668
CVE-2023-3668 affects Froxlor (froxlor/froxlor) prior to version 2.0.21. The root cause is an improper encoding or escaping of output in the repository, which enables a command-execution vulnerability. Multiple sources confirm the impact as command execution in versions before 2.0.21. Remediation...
CVE-2023-3668 Improper Encoding or Escaping of Output in froxlor/froxlor
Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21...
CVE-2023-3552
The CVE-2023-3552 entry concerns TeamPass (nilsteampassnet/teampass) prior to version 3.0.10, where improper encoding or escaping of output enables cross-site scripting in folder names. The root cause is insufficient encoding/escaping of outputs, allowing injection of malicious content into the i...
GHSA-5FP8-C45M-256P Improper Encoding or Escaping of Output in Apache Superset
Improper output neutralization for Logs. A specific Apache Superset HTTP endpoint allowed for an authenticated user to forge log entries or inject malicious content into logs...
CVE-2019-19714
Contao 4.8.4 and 4.8.5 has Improper Encoding or Escaping of Output. It is possible to inject insert tags into the login module which will be replaced when the page is rendered...