114 matches found
CVE-2023-4879 Cross-site Scripting (XSS) - Stored in instantsoft/icms2
Cross-site Scripting XSS - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1.-git...
CVE-2023-4879 Cross-site Scripting (XSS) - Stored in instantsoft/icms2
Cross-site Scripting XSS - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1.-git...
CVE-2023-4879
CVE-2023-4879 is a stored XSS vulnerability in the GitHub repository for instantsoft/icms2, affecting versions prior to 2.16.1.-git. The Red Hat and other records reiterate the same issue: stored cross-site scripting in icms2 before the 2.16.1.-git release. The PT Security/Huntr entries confirm t...
CVE-2023-4878 Server-Side Request Forgery (SSRF) in instantsoft/icms2
Server-Side Request Forgery SSRF in GitHub repository instantsoft/icms2 prior to 2.16.1-git...
CVE-2023-4878 Server-Side Request Forgery (SSRF) in instantsoft/icms2
Server-Side Request Forgery SSRF in GitHub repository instantsoft/icms2 prior to 2.16.1-git...
CVE-2023-4878 Server-Side Request Forgery (SSRF) in instantsoft/icms2
Server-Side Request Forgery SSRF in GitHub repository instantsoft/icms2 prior to 2.16.1-git...
CVE-2023-4878
CVE-2023-4878 affects instantsoft/icms2 prior to 2.16.1-git. The issue is a Server-Side Request Forgery (SSRF) vulnerability in the icms2 codebase. Root cause details are not explicitly described beyond SSRF in the provided documents. Impact is that an attacker could cause the server to make unin...
PT-2023-30961 · Unknown · Instantsoft/Icms2
Name of the Vulnerable Software and Affected Versions: instantsoft/icms2 versions prior to 2.16.1.-git. Description: The issue is related to Cross-site Scripting XSS - Stored, which affects the GitHub repository instantsoft/icms2. Recommendations: For versions prior to 2.16.1.-git, update to...
PT-2023-30958 · Unknown · Instantsoft/Icms2
Name of the Vulnerable Software and Affected Versions: instantsoft/icms2 versions prior to 2.16.1-git Description: The issue is related to Server-Side Request Forgery SSRF in the GitHub repository instantsoft/icms2. This allows an attacker to make unauthorized requests on behalf of the server...
CVE-2023-4704
External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior to 2.16.1-git...
CVE-2023-4704 External Control of System or Configuration Setting in instantsoft/icms2
External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior to 2.16.1-git...
CVE-2023-4704 External Control of System or Configuration Setting in instantsoft/icms2
External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior to 2.16.1-git...
CVE-2023-4704
CVE-2023-4704 affects instantsoft/icms2 prior to 2.16.1-git, where an External Control of System or Configuration Setting vulnerability exists in the GitHub-hosted project. The Red Hat/NVD entries confirm the issue as an external control of configuration settings, enabling an attacker with networ...
CVE-2023-4652
Cross-site Scripting XSS - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1-git...
CVE-2023-4653
Cross-site Scripting XSS - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1-git...
CVE-2023-4655
Cross-site Scripting XSS - Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1...
CVE-2023-4651
Server-Side Request Forgery SSRF in GitHub repository instantsoft/icms2 prior to 2.16.1...
CVE-2023-4650
Improper Access Control in GitHub repository instantsoft/icms2 prior to 2.16.1-git...
Improper access control
Improper Access Control in GitHub repository instantsoft/icms2 prior to 2.16.1-git...
Session fixation
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository instantsoft/icms2 prior to 2.16.1...