Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:27 p.m.6 views

CVE-2020-1904

A path validation issue in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61 could have allowed for directory traversal overwriting files when sending specially crafted docx, xlsx, and pptx files as attachments to messages...

5.5CVSS6.6AI score0.01114EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:15 p.m.9 views

CVE-2020-25104

eramba c2.8.1 and Enterprise before e2.19.3 allows XSS via a crafted filename for a file attached to an object. For example, the filename has a complete XSS payload followed by the .png extension...

5.4CVSS5.8AI score0.00576EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/04/17 12:0 a.m.9 views

Amazon Linux 2 : evolution (ALAS-2025-2833)

The version of evolution installed on the remote host is prior to 3.28.5-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2833 advisory. An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 mailto?attach=... parameter, a...

6.5CVSS6.6AI score0.02682EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/08/02 12:0 a.m.4 views

PT-2022-25412 · Mozilla +4 · Thunderbird +4

Name of the Vulnerable Software and Affected Versions: xdg-mail affected versions not specified Description: The issue arises when xdg-mail is configured to use thunderbird for mailto URLs, leading to improper parsing of the URL. This can result in additional headers being passed to thunderbird...

7.8CVSS7.1AI score0.00652EPSS
Exploits1References23
Atlassian
Atlassian
added 2012/05/13 12:43 p.m.27 views

persistent xss through svg file attachment download

The fix for CONF-22132 was not sufficient because "svg" files are not "said" to be xml by the isXml method. This means that is possible for a malicious party to upload a svg file containing html/javascript which will be rendered in victim's web browser. This bug should have been raised a while ag...

1.4AI score
Exploits0Affected Software1
Rows per page
Query Builder