9 matches found

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2019-18925

Malware in sbrugna...

CVSS 6.1, AI score 6.1, EPSS 0.01546
Exploits: 5, References: 4

Veracode
added 2020/01/02 7:56 a.m., 17 views

Cross-site Scripting (XSS)

craftcms is vulnerable to Cross-site Scripting (XSS). The vulnerability exists because it does not handle the header insertion field when adding source code at an s/admin/entries/news/new URI...

CVSS 6.1, AI score 6, EPSS 0.01546
Exploits: 5, References: 2, Affected Software: 1

OSV
added 2019/12/31 5:15 p.m., 9 views

CVE-2019-9554

In the 3.1.12 Pro version of Craft CMS, XSS has been discovered in the header insertion field when adding source code at an s/admin/entries/news/new URI...

CVSS 6.1, AI score 6.1
Exploits: 0, References: 2

NVD
added 2019/12/31 5:15 p.m., 11 views

CVE-2019-9554

In the 3.1.12 Pro version of Craft CMS, XSS has been discovered in the header insertion field when adding source code at an s/admin/entries/news/new URI...

CVSS 6.1, AI score 6.1, EPSS 0.01546
Exploits: 5, References: 2

Prion
added 2019/12/31 5:15 p.m., 9 views

Code injection

In the 3.1.12 Pro version of Craft CMS, XSS has been discovered in the header insertion field when adding source code at an s/admin/entries/news/new URI...

CVSS 4.3, AI score 6, EPSS 0.01546
Exploits: 5, References: 2, Affected Software: 1

Cvelist
added 2019/12/31 4:15 p.m., 13 views

CVE-2019-9554

In the 3.1.12 Pro version of Craft CMS, XSS has been discovered in the header insertion field when adding source code at an s/admin/entries/news/new URI...

AI score 6.1, EPSS 0.01546
Exploits: 5, References: 2

CNVD
added 2019/03/06 12:0 a.m., 2 views

Craft CMS Cross-Site Scripting Vulnerability (CNVD-2019-06339)

Craft CMS is a content management system (CMS). A cross-site scripting vulnerability exists in the header insertion field in Craft CMS version 3.1.12 Pro. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

CVSS 6.1, AI score 6.2, EPSS 0.01546
Exploits: 5, References: 1

PyPA
added 2017/01/10 3:59 p.m., 4 views

PYSEC-2017-87

A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the size of the HPACK...

CVSS 7.8, AI score 6.8, EPSS 0.00373
Exploits: 0, References: 3, Affected Software: 1

CNVD
added 2015/02/21 12:0 a.m., 2 views

IBM Curam Social Program Management Universal Access Component CRLF Injection Vulnerability

IBM Curam Social Program Management is a suite of social program management solutions from IBM in the United States that supports the end-to-end social program delivery process. Universal Access is one of the universal access components. A CRLF injection vulnerability exists in the implementation ...

CVSS 3.5, AI score 7.2, EPSS 0.00141
Exploits: 0, References: 1