EUVD-2012-2119

Malware in sbrugna...

CVE-2022-41209

SAP Customer Data Cloud Gigya mobile app for Android - version 7.4, uses encryption method which lacks proper diffusion and does not hide the patterns well. This can lead to information disclosure. In certain scenarios, application might also be susceptible to replay attacks...

CVE-2022-41209

SAP Customer Data Cloud Gigya mobile app for Android - version 7.4, uses encryption method which lacks proper diffusion and does not hide the patterns well. This can lead to information disclosure. In certain scenarios, application might also be susceptible to replay attacks...

CVE-2022-41209

SAP Customer Data Cloud Gigya mobile app for Android - version 7.4, uses encryption method which lacks proper diffusion and does not hide the patterns well. This can lead to information disclosure. In certain scenarios, application might also be susceptible to replay attacks...

CVE-2022-41210

SAP Customer Data Cloud Gigya mobile app for Android - version 7.4, uses insecure random number generator program which makes it easy for the attacker to predict future random numbers. This can lead to information disclosure and modification of certain user settings...

Information disclosure

SAP Customer Data Cloud Gigya mobile app for Android - version 7.4, uses encryption method which lacks proper diffusion and does not hide the patterns well. This can lead to information disclosure. In certain scenarios, application might also be susceptible to replay attacks...

CVE-2022-41209

SAP Customer Data Cloud Gigya mobile app for Android - version 7.4, uses encryption method which lacks proper diffusion and does not hide the patterns well. This can lead to information disclosure. In certain scenarios, application might also be susceptible to replay attacks...

CVE-2022-41209

CVE-2022-41209 affects SAP Customer Data Cloud (Gigya) mobile app for Android, version 7.4. The issue is an encryption implementation with insufficient diffusion that can reveal patterns, enabling information disclosure; in some scenarios, replay attacks may also be possible. The available docume...

CVE-2022-41210

CVE-2022-41210 affects SAP Customer Data Cloud (Gigya mobile app for Android) version 7.4. The issue is caused by an insecure random number generator, making it easy to predict future random numbers and enabling information disclosure and modification of certain user settings. Sources across mult...

CVE-2012-2117

Cross-site scripting XSS vulnerability in the Gigya - Social optimization module 6.x before 6.x-3.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the Gigya - Social optimization module 6.x before 6.x-3.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-2117

The CVE concerns the Gigya - Social optimization module for Drupal 6.x (prior to 6.x-3.2). The vulnerability arises from insufficient escaping of URL elements printed back to the user, enabling cross-site scripting (XSS). Affected software is the Gigya module for Drupal 6.x versions before 6.x-3....

CVE-2012-2117

Cross-site scripting XSS vulnerability in the Gigya - Social optimization module 6.x before 6.x-3.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

SA-CONTRIB-2012-061 - Gigya - Social optimization - Cross Site Scripting (XSS)

CVE: CVE-2012-2117 The Gigya - Social optimization module provides a single API that aggregates authentication and social APIs from Facebook Connect, MySpace ID, Twitter, and OpenID webmail providers including Google, Yahoo, and AOL. The module doesn't sufficiently escape URL elements which are...

WordPress Gigya Socialize Plugin Cross-Site Scripting Vulnerabilities

No description provided by source. MustLive has discovered some vulnerabilities in the Gigya Socialize plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input appended to the URL after "installation path/" is not properly sanitised before...

Vulnerabilities in plugin Gigya Socialize for WordPress

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting и Full path disclosure уязвимостях в плагине Gigya Socialize для WordPress. XSS: http://site/?223E3Cscript3Ealert/XSS/3C/script3E XSS имеет место в логин виджете данного плагина. Full path disclosure:...

WordPress Plugin Gigya Socialize 1.01.1.x - Cross-Site Scripting

WordPress Plugin Gigya Socialize 1.01.1.x - Cross-Site Scripting source: https://www.securityfocus.com/bid/40582/info The Gigya Socialize Plugin for Wordpress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...

Gigya Socialize 1.1.8 For WordPress Cross Site Scripting

Hello Bugtraq! I want to warn you about security vulnerabilities in plugin Gigya Socialize for WordPress. ----------------------------- Advisory: Vulnerabilities in Gigya Socialize for WordPress ----------------------------- URL: http://websecurity.com.ua/4153/ -----------------------------...

WordPress Plugin Gigya Socialize 1.0/1.1.x - Cross-Site Scripting

source: https://www.securityfocus.com/bid/40582/info The Gigya Socialize Plugin for Wordpress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

WordPress Gigya Socialize Plugin 1.0/1.1.x - Cross-Site Scripting Vulnerability

Gigya Socialize plugin is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-based authentication...