MINI-GHG9-P33H-6V57

Bulletin has no description...

WordPress Greenhouse Job Board plugin cross-site scripting vulnerability

The WordPress Greenhouse Job Board plugin is a tool for integrating job listings from the Greenhouse.io recruiting platform into your WordPress site. The WordPress Greenhouse Job Board plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective...

CVE-2025-67633

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brownbagmarketing Greenhouse Job Board greenhouse-job-board allows DOM-Based XSS.This issue affects Greenhouse Job Board: from n/a through = 2.7.3...

EUVD-2025-205274

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brownbagmarketing Greenhouse Job Board greenhouse-job-board allows DOM-Based XSS.This issue affects Greenhouse Job Board: from n/a through = 2.7.3...

CVE-2025-67633

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brownbagmarketing Greenhouse Job Board greenhouse-job-board allows DOM-Based XSS.This issue affects Greenhouse Job Board: from n/a through = 2.7.3...

CVE-2025-67633 WordPress Greenhouse Job Board plugin <= 2.7.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brownbagmarketing Greenhouse Job Board greenhouse-job-board allows DOM-Based XSS.This issue affects Greenhouse Job Board: from n/a through = 2.7.3...

CVE-2025-67633 WordPress Greenhouse Job Board plugin <= 2.7.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brownbagmarketing Greenhouse Job Board greenhouse-job-board allows DOM-Based XSS.This issue affects Greenhouse Job Board: from n/a through = 2.7.3...

CVE-2025-67633

CVE-2025-67633 is a DOM-based Cross-Site Scripting vulnerability in the Greenhouse Job Board WordPress plugin. Affected: Greenhouse Job Board versions up to 2.7.3 (inclusive); exposed component likely involved in web page generation/input handling. Initial data specifies Improper Neutralization o...

PT-2025-53249

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brownbagmarketing Greenhouse Job Board greenhouse-job-board allows DOM-Based XSS.This issue affects Greenhouse Job Board: from n/a through = 2.7.3...

WordPress plugin Greenhouse Job Board 安全漏洞

The WordPress Greenhouse Job Board plugin is a tool for integrating job listings from the Greenhouse.io recruiting platform into your WordPress site. The WordPress Greenhouse Job Board plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective...

WordPress Greenhouse Job Board plugin <= 2.7.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin Greenhouse Job Board versions = 2.7.3...

Navigating the Future of Scope 2: Balancing Impact and Practicality

The Greenhouse Gas Protocol’s Scope 2 revisions demand thoughtful action. Read how we’re prioritizing meaningful, measurable impact over rapid progress...

greenhouse-kit.us Cross Site Scripting vulnerability OBB-3484264

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ebertsgreenhouse.com Cross Site Scripting vulnerability OBB-2132642

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Status.im: HTTP Parameter Pollution with semicolons in iframe allows loading external Greenhouse forms

Summary: Status.im uses Greenhouse for job applications, specifically the older Greenhouse integration which relies on iframes. The ghjid URL parameter is used to load the correct form in the iframe. HTML characters are escaped, but using semicolons you can inject URL parameters into the iframe v...

Greening the Digital Economy

COVID-19 and related quarantine protocols have pushed the world even more online than it already was. Global energy consumption for all things digital has been increasing by about 9% per year between 2015 and 2020, and is tracking to be responsible for about 8% of greenhouse gas GHG emission by...

Greenhouse.io: SSH port on store.greenhouse.io is vulnerable to brute force attacks

Open SSH port found on third party vendor...

HackerOne: HTTP Parameter Pollution using semicolons in iframe element at hackerone.com/careers allows loading external Greenhouse forms

Summary: I noticed that HackerOne career pages loads it's application forms from Greenhouse.io via an iframe. The ghjid parameter value is taken into the iframe element for the token parameter in the iframe URL boards.greenhouse.io. Any html characters are escaped in order to avoid XSS and possib...