2 matches found
Code injection
GoReleaser builds Go binaries for several platforms, creates a GitHub release and then pushes a Homebrew formula to a tap repository. goreleaser release --debug log shows secret values used in the in the custom publisher. This vulnerability is fixed in 1.24.0...
WordPress FiboSearch – Ajax Search for WooCommerce Plugin <= 1.23.0 is vulnerable to Cross Site Scripting (XSS)
Software FiboSearch – Ajax Search for WooCommerce Type Plugin Vulnerable versions = 1.23.0 Fixed in 1.24.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2450 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1e16f85faf8c Credi...