[SECURITY] Fedora 43 Update: rust-tealdeer-1.7.2-4.fc43

Fetch and show tldr help pages for many CLI commands. Full featured offline client with caching support...

[SECURITY] Fedora 38 Update: rust-tealdeer-1.6.1-5.fc38

Fetch and show tldr help pages for many CLI commands. Full featured offline client with caching support...

Fedora: Security Advisory for rust-tealdeer (FEDORA-2023-37ae269843)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 37 Update: rust-tealdeer-1.6.1-2.fc37

Fetch and show tldr help pages for many CLI commands. Full featured offline client with caching support...

PT-2022-27345 · Unknown · Rukovoditel

Name of the Vulnerable Software and Affected Versions: Rukovoditel version 3.2.1 Description: The issue is related to a stored cross-site scripting XSS vulnerability in the Add Page function at "/index.php?module=help pages/pages&entities id=24". This allows attackers to execute arbitrary web...

Rukovoditel 跨站脚本漏洞

Rukovoditel is a set of Web-based open source project management software from the Rukovoditel team. The software has project management, customer relationship management and other functions. Rukovoditel v3.2.1 version of a security vulnerability , the vulnerability stems from the Add Page functi...

Information Exposure

Overview org.jenkins-ci.main:jenkins-core is an open source automation server. Affected versions of this package are vulnerable to Information Exposure via the sidepanel widgets in the CLI command overview and help pages. An attacker can obtain sensitive information by making a direct request to...

CVE-2022-23165

Sysaid – Sysaid 14.2.0 Reflected Cross-Site Scripting XSS - The parameter "helpPageName" used by the page "/help/treecontent.jsp" suffers from a Reflected Cross-Site Scripting vulnerability. For an attacker to exploit this Cross-Site Scripting vulnerability, it's necessary for the affected produc...

CVE-2022-23165

Sysaid – Sysaid 14.2.0 Reflected Cross-Site Scripting XSS - The parameter "helpPageName" used by the page "/help/treecontent.jsp" suffers from a Reflected Cross-Site Scripting vulnerability. For an attacker to exploit this Cross-Site Scripting vulnerability, it's necessary for the affected produc...

CVE-2022-23165 Sysaid – Sysaid 14.2.0 Reflected Cross-Site Scripting (XSS)

Sysaid – Sysaid 14.2.0 Reflected Cross-Site Scripting XSS - The parameter "helpPageName" used by the page "/help/treecontent.jsp" suffers from a Reflected Cross-Site Scripting vulnerability. For an attacker to exploit this Cross-Site Scripting vulnerability, it's necessary for the affected produc...

CVE-2022-23165

Sysaid – Sysaid 14.2.0 Reflected Cross-Site Scripting XSS - The parameter "helpPageName" used by the page "/help/treecontent.jsp" suffers from a Reflected Cross-Site Scripting vulnerability. For an attacker to exploit this Cross-Site Scripting vulnerability, it's necessary for the affected produc...

CVE-2022-1019

Automated Logic's WebCtrl Server Version 6.1 'Help' index pages are vulnerable to open redirection. The vulnerability allows an attacker to send a maliciously crafted URL which could result in redirecting the user to a malicious webpage or downloading a malicious file...

CVE-2020-27735

An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of sandboxed arbitrary HTML and JavaScript in the user's browser...

Cross site scripting

An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of sandboxed arbitrary HTML and JavaScript in the user's browser...

CVE-2020-27735

An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of sandboxed arbitrary HTML and JavaScript in the user's browser...

Cross site scripting

SURFnet OpenConext EngineBlock version 5.7.0 to 5.7.3 contains a Cross Site Scripting XSS vulnerability that can result in Allows an attacker to inject arbitrary web scripts or HTML into help and login pages. This attack appear to be exploitable via the victim opening a specially crafted URL...

CVE-2017-14372

RSA Archer GRC Platform prior to 6.2.0.5 is affected by reflected cross-site scripting vulnerabilities via certain RSA Archer Help pages. Attackers could potentially exploit this to execute arbitrary HTML in the user's browser session in the context of the affected RSA Archer application...

jenkins: Information disclosure via sidepanel (SECURITY-192)

The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to the pages...

CloudBees Jenkins Information Disclosure Vulnerability (CNVD-2015-07825)

CloudBees Jenkins is the open source continuous integration server. A security vulnerability exists in the sidepanel widget in the CLI command overview and help pages of CloudBees Jenkins 1.638, LTS before 1.625.2, which allows remote attackers to obtain sensitive information by directly requesti...

Information disclosure

The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to the pages...