CVE-2020-9246

FusionCompute 8.0.0 has an information leak vulnerability. A module does not launch strict access control and information protection. Attackers with low privilege can get some extra information. This can lead to information leak...

LearnPress < 4.1.3.1 - Multiple Admin+ Stored Cross-Site Scripting

The plugin does not properly sanitize or escape various inputs within course settings, which could allow high privilege users to perform Cross-Site Scripting attacks when the unfiltredhtml capability is disallowed When adding new courses, the following fields can have XSS payloads like "alert1...

Palo Alto GlobalProtect Agent 5.0.x < 5.0.9 / 5.1.x < 5.1.1 Information Disclosure

The version of Palo Alto GlobalProtect Agent installed on the remote Windows host is 5.0.x prior to 5.0.9, or 5.1.x prior to 5.1.1. It is, therefore, affected by an information disclosure vulnerability due to extra information provided when the troubleshooting log level is set to 'Dump'. An...