Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2024/07/10 12:0 a.m.49 views

Mageia: Security Advisory (MGASA-2024-0258)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.99957EPSS
Exploits2References13
Cvelist
Cvelist
added 2024/04/09 4:10 p.m.31 views

CVE-2024-31868 Apache Zeppelin: XSS vulnerability in the helium module

Improper Encoding or Escaping of Output vulnerability in Apache Zeppelin. The attackers can modify helium.json and exposure XSS attacks to normal users. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes the issue...

6AI score0.0131EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2023/07/14 3:32 a.m.21 views

Froxlor vulnerable to Improper Encoding or Escaping of Output

Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21...

9.1CVSS7AI score0.00835EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2023/07/14 12:0 a.m.49 views

CVE-2023-3668

CVE-2023-3668 affects Froxlor (froxlor/froxlor) prior to version 2.0.21. The root cause is an improper encoding or escaping of output in the repository, which enables a command-execution vulnerability. Multiple sources confirm the impact as command execution in versions before 2.0.21. Remediation...

9.1CVSS7.1AI score0.00835EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/07/14 12:0 a.m.29 views

CVE-2023-3668 Improper Encoding or Escaping of Output in froxlor/froxlor

Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21...

9.1CVSS8.2AI score0.00835EPSS
Exploits1References4
CVE
CVE
added 2023/07/08 8:19 a.m.136 views

CVE-2023-3552

The CVE-2023-3552 entry concerns TeamPass (nilsteampassnet/teampass) prior to version 3.0.10, where improper encoding or escaping of output enables cross-site scripting in folder names. The root cause is insufficient encoding/escaping of outputs, allowing injection of malicious content into the i...

7.6CVSS5.7AI score0.00468EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/05/24 7:20 p.m.29 views

GHSA-5FP8-C45M-256P Improper Encoding or Escaping of Output in Apache Superset

Improper output neutralization for Logs. A specific Apache Superset HTTP endpoint allowed for an authenticated user to forge log entries or inject malicious content into logs...

7.1CVSS6.2AI score0.01761EPSS
Exploits0References6
NVD
NVD
added 2019/12/17 3:15 p.m.50 views

CVE-2019-19714

Contao 4.8.4 and 4.8.5 has Improper Encoding or Escaping of Output. It is possible to inject insert tags into the login module which will be replaced when the page is rendered...

5.3CVSS5.2AI score0.00819EPSS
Exploits0References2
Rows per page
Query Builder