9 matches found
OESA-2022-2096 xmlrpc security update
Apache XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls. Apache XML-RPC was previously known as Helma XML-RPC. If you have code using the Helma library, all you should have to do is change the import statements in your cod...
[SECURITY] Fedora 28 Update: xmlrpc-3.1.3-20.fc28
Apache XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls. Apache XML-RPC was previously known as Helma XML-RPC. If you have code using the Helma library, all you should have to do is change the import statements in your cod...
Helma 1.5.3 Search Script Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24880/info Helma is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser...
CVE-2007-3693-gobi.txt
http://int21.de/cve/CVE-2007-3693-gobi.txt Cross site scripting and information disclosure in gobi/helma security advisory References: http://gobi.helma.org/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3693 Description: Cross site scripting describes attacks that allow to insert...
Helma 1.5.3 - Search Script Cross-Site Scripting
source: https://www.securityfocus.com/bid/24880/info Helma is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Helma 1.5.3 - Search Script Cross-Site Scripting
Helma 1.5.3 - Search Script Cross-Site Scripting source: https://www.securityfocus.com/bid/24880/info Helma is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...
[Full-disclosure] CVE-2007-3693: Cross site scripting and information disclosure in gobi/helma
http://int21.de/cve/CVE-2007-3693-gobi.txt Cross site scripting and information disclosure in gobi/helma security advisory References: http://gobi.helma.org/ https://vulners.com/cve/CVE-2007-3693 Description: Cross site scripting describes attacks that allow to insert malicious html or javascript...
CVE-2007-3693
The CVE-2007-3693 issue affects the gobi CMS built on the Helma application server. The vulnerability is a cross-site scripting (XSS) flaw in the search function, where user input sent to the q parameter can be exploited to inject arbitrary HTML/JavaScript. The provided materials indicate that th...
CVE-2007-3693
Cross-site scripting XSS vulnerability in Gobi as of 20070711, built on Helma, allows remote attackers to inject arbitrary web script or HTML via the q parameter to the search function...