29 matches found
EUVD-2022-1162
Malicious code in bioql PyPI...
CVE-2024-51508
Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Index...
CVE-2024-51508
Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Index...
CVE-2024-51507
Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Name...
CVE-2024-51507
Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Name...
PT-2024-34669 · Tiki · Tiki
Name of the Vulnerable Software and Affected Versions: Tiki versions prior to 27.1 Description: The issue allows users with specific permissions to insert a stored XSS payload in the Name field when creating or editing an external wiki. This can lead to the execution of malicious scripts...
CVE-2024-51507
Tiki Wiki CMS Groupware
Tiki 安全漏洞
Tiki is a suite of open source content management and portal applications from the Tiki community that can be used to create web applications, portals, corporate intranets, extranets, and more. A security vulnerability exists in Tiki version 27.0 and earlier, which originates from a user with...
PT-2024-34670 · Tiki · Tiki
Name of the Vulnerable Software and Affected Versions: Tiki versions prior to 27.1 Description: The issue allows users with specific permissions to insert a stored XSS payload in the Index by creating or editing an external wiki. This can lead to the execution of malicious scripts. Recommendation...
Tiki 安全漏洞
Tiki is a suite of open source content management and portal applications from the Tiki community that can be used to create web applications, portals, corporate intranets, extranets, and more. A security vulnerability exists in Tiki version 27.0 and earlier, which originates from a user with...
BIT-GITEA-2021-45329
Cross Site Scripting XSS vulnerability exists in Gitea before 1.5.1 via the repository settings inside the external wiki/issue tracker URL field...
Fedora 36 : moodle (2023-49eb814ccc)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-49eb814ccc advisory. Fixes for CVE-2023-30943 and CVE-2023-30944. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
CVE-2023-30944
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database...
CVE-2023-30944
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database...
CVE-2023-30944 Moodle: minor sql injection risk in external wiki method for listing pages
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database...
CVE-2023-30944 Moodle: minor sql injection risk in external wiki method for listing pages
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database...
Moodle SQL注入漏洞
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from a security vulnerability that stems from insufficient cleansing of user-supplied data in an external Wiki method us...
Cross Site Scripting (XSS)
github.com/go-gitea/gitea is vulnerable to cross-site scripting XSS. The vulnerability exists due to the lack of sanitization in the repository settings in the setting.go file allows the attacker to inject and execute arbitrary Javascript via the URL field in the external wiki/issue tracker...
GHSA-R3GQ-WXQF-Q4GH Cross-site Scripting in Gitea
Cross Site Scripting XSS vulnerability exists in Gitea before 1.5.1 via the repository settings inside the external wiki/issue tracker URL field...
CVE-2021-45329
Cross Site Scripting XSS vulnerability exists in Gitea before 1.5.1 via the repository settings inside the external wiki/issue tracker URL field...