41 matches found
CVE-2026-41150 Mermaid Gantt Charts are vulnerable to an Infinite Loop DoS
Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, there is a denial-of-service attack when rendering gantt charts, if they use the excludes attribute to exclude all dates. mermaid.parse is unaffected, unless you th...
EUVD-2020-7915
Malware in sbrugna...
EUVD-2020-7914
Malware in sbrugna...
EUVD-2014-7138
Malware in sbrugna...
CVE-2024-52599
Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to version 16.1.99.50 and Tuleap Enterprise Edition prior to versions 16.1-4 and 16.0-7, a malicious user with the ability to create an artifact in a tracker with a...
CVE-2024-52599 Tuleap vulnerable to XSS in the Gantt chart of the tracker plugin
Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to version 16.1.99.50 and Tuleap Enterprise Edition prior to versions 16.1-4 and 16.0-7, a malicious user with the ability to create an artifact in a tracker with a...
CVE-2024-52599
CVE-2024-52599 concerns Tuleap, where a malicious user who can create an artifact in a tracker with a Gantt chart can cause a victim to execute uncontrolled code. Affected: Tuleap Community Edition prior to 16.1.99.50; Tuleap Enterprise Edition prior to 16.1-4 and 16.0-7. Root cause described as ...
Enalean Tuleap Cross-Site Scripting Vulnerability
Enalean Tuleap is a free and open source tool from the French company Enalean for end-to-end traceability of application and system development. A cross-site scripting vulnerability exists in Enalean Tuleap Community Edition prior to 16.1.99.50 and Enalean Tuleap Enterprise Edition prior to 16.1...
PT-2024-35395 · Unknown · Tuleap Community Edition +1
Name of the Vulnerable Software and Affected Versions: Tuleap Community Edition versions prior to 16.1.99.50 Tuleap Enterprise Edition versions prior to 16.1-4 Tuleap Enterprise Edition versions prior to 16.0-7 Description: A malicious user with the ability to create an artifact in a tracker with...
Exploit for Improper Authentication in Atlassian Jira_Data_Center
Atlassian Jira Seraph Authentication Bypass RCE (CVE-2022-0540)...
Jira Gantt Chart Module Persistent Cross Site Scripting (CVE-2020-15944)
A persistent cross site scripting vulnerability exists in Jira Gantt Chart Module. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
Atlassian Jira Gantt-Chart Information Disclosure Vulnerability
Atlassian Jira is a defect tracking management system from Atlassian Australia. Gantt-Chart is a project management module for tracking and managing all types of issues and defects in the workplace. A security vulnerability exists in Atlassian Jira Gantt-Chart prior to version 5.5.4, which stems...
Atlassian Jira Gantt-Chart Cross-Site Scripting Vulnerability
Atlassian Jira is a defect tracking management system from Atlassian Australia. Gantt-Chart is a project management module for tracking and managing all types of issues and defects in the workplace. A cross-site scripting vulnerability exists in Atlassian Jira Gantt-Chart versions prior to 5.5.5...
Gantt-Chart For Jira 5.5.4 Cross Site Scripting Vulnerability
Exploit for multiple platform in category web applications Product: Jira module "Gantt-Chart for Jira" Manufacturer: Frank Polscheit - Solutions & IT-Consulting Affected Versions: alert'XSS'" can be chosen as the name of a filter and is then d...
CVE-2020-15944
An issue was discovered in the Gantt-Chart module before 5.5.5 for Jira. Due to missing validation of user input, it is vulnerable to a persistent XSS attack. An attacker can embed the attack vectors in the dashboard of other users. To exploit this vulnerability, an attacker has to be authenticat...
CVE-2020-15943
An issue was discovered in the Gantt-Chart module before 5.5.4 for Jira. Due to a missing privilege check, it is possible to read and write to the module configuration of other users. This can also be used to deliver an XSS payload to other users' dashboards. To exploit this vulnerability, an...
Input validation
An issue was discovered in the Gantt-Chart module before 5.5.5 for Jira. Due to missing validation of user input, it is vulnerable to a persistent XSS attack. An attacker can embed the attack vectors in the dashboard of other users. To exploit this vulnerability, an attacker has to be authenticat...