1719 matches found
CVE-2022-35587
A cross-site scripting XSS issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the "publishondate" Parameter...
Cross site scripting
A cross-site scripting XSS issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the "publishontime" Parameter...
Cross site scripting
A cross-site scripting XSS issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the "publishondate" Parameter...
CVE-2022-35587
A cross-site scripting XSS issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the "publishondate" Parameter...
CVE-2022-35587
Summary: ForkCMS 5.9.3 is affected by a cross-site scripting (XSS) flaw that allows remote injection of JavaScript via the publish_on_date parameter. The issue is described across multiple sources and is attributed to the handling of the spoon library charset in Kernel.php (defineForkConstants). ...
CVE-2022-35589
Summary: CVE-2022-35589 is a cross-site scripting (XSS) vulnerability in ForkCMS v5.9.3 that allows remote attackers to inject JavaScript via the publish_on_time parameter. The issue has several public entries (NVD, Red Hat, Veracode, GHSA) describing the same vector and confirm the vulnerable co...
PT-2022-22911 · Fork Cms · Fork Cms
Name of the Vulnerable Software and Affected Versions: ForkCMS versions prior to 5.11.0 Description: A stored cross-site scripting XSS issue allows remote attackers to inject JavaScript via the start date Parameter. This issue was patched in version 5.11.0. Recommendations: For ForkCMS versions...
PT-2022-22913 · Fork · Fork
Name of the Vulnerable Software and Affected Versions: Fork version 5.9.3 Description: A cross-site scripting XSS issue allows remote attackers to inject JavaScript via the publish on time Parameter. This issue was patched in version 5.11.0, which means all versions prior to 5.11.0 are affected...
PT-2022-22912 · Fork · Fork
Name of the Vulnerable Software and Affected Versions: Fork version 5.9.3 Description: A cross-site scripting XSS issue allows remote attackers to inject JavaScript via the publish on date Parameter. This issue was patched in version 5.11.0, which means all versions prior to 5.11.0 are affected...
nbconvert vulnerable to cross-site scripting (XSS) via multiple exploit paths
Most of the fixes will be in this repo, though, so having it here gives us the private fork to work on patches Below is currently a duplicate of the original report: ---- Received on [email protected] unedited, I'm not sure if we want to make it separate advisories. Pasted raw for now, feel fr...
[SECURITY] Fedora 35 Update: golang-github-dreamacro-shadowsocks2-0.1.7-3.fc35
Experimental Shadowsocks in Go. Stable fork at https://github.com/shadowsocks/go-shadowsocks2...
Amazon Linux 2 : git (ALAS-2022-1810)
The version of git installed on the remote host is prior to 2.34.3-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1810 advisory. A vulnerability was found in Git. This flaw occurs due to Git not checking the ownership of directories in a local multi-user system...
EulerOS 2.0 SP8 : git (EulerOS-SA-2022-1929)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where...
EulerOS 2.0 SP5 : git (EulerOS-SA-2022-1888)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where...
catalog.spanishfork.org Cross Site Scripting vulnerability OBB-2650852
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
catalog.spanishfork.org Cross Site Scripting vulnerability OBB-2646747
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2022-32978
There is an assertion failure in SingleComponentLSScan::ParseMCU in singlecomponentlsscan.cpp in libjpeg before 1.64 via an empty JPEG-LS scan...
Amazon Linux AMI : git (ALAS-2022-1589)
The version of git installed on the remote host is prior to 2.36.1-1.75. It is, therefore, affected by a vulnerability as referenced in the ALAS-2022-1589 advisory. A vulnerability was found in Git. This flaw occurs due to Git not checking the ownership of directories in a local multi-user system...
catalog.spanishfork.org Cross Site Scripting vulnerability OBB-2636801
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Fork CMS Cross-site Scripting Vulnerability
Fork before 5.8.3 allows XSS via navigationtitle or title...