Cross site scripting

jizhicms v2.4.6 is vulnerable to Cross Site Scripting XSS. The content of the article published in the front end is only filtered in the front end, without being filtered in the background, which allows attackers to publish an article containing malicious JavaScript scripts by modifying the reque...

PT-2023-9398 · Yealink · Yealink Meeting Server

Name of the Vulnerable Software and Affected Versions: Yealink Meeting Server versions prior to V26.0.0.67 Description: The issue is related to insufficient protection of service data, allowing a remote attacker to gain access to user authentication data. Specifically, attackers can obtain static...