268 matches found
Zimbra - Cross-Site Scripting via ICS Files
Detects Zimbra Collaboration Suite versions vulnerable to CVE-2025-27915, a stored XSS vulnerability in the Classic Web Client due to insufficient sanitization of HTML content in ICS files. When a user views an email with a malicious ICS entry, embedded JavaScript executes via an ontoggle event...
EUVD-2026-30992
Missing Authorization vulnerability in Drupal Date iCal allows Forceful Browsing. This issue affects Date iCal: from 0.0.0 before 4.0.15...
CVE-2026-8495
Missing Authorization vulnerability in Drupal Date iCal allows Forceful Browsing. This issue affects Date iCal: from 0.0.0 before 4.0.15...
CVE-2026-8495 Date iCal - Critical - Information disclosure - SA-CONTRIB-2026-037
Missing Authorization vulnerability in Drupal Date iCal allows Forceful Browsing. This issue affects Date iCal: from 0.0.0 before 4.0.15...
CVE-2026-8495
The Date iCal Drupal module (Date iCal) is affected by a Missing Authorization vulnerability that allows forceful browsing. Affected versions are 0.0.0 through 4.0.14, with exploitation stemming from insufficient access checks and input sanitization in the iCal feed export functionality, which ex...
CVE-2026-8495 Date iCal - Critical - Information disclosure - SA-CONTRIB-2026-037
Missing Authorization vulnerability in Drupal Date iCal allows Forceful Browsing. This issue affects Date iCal: from 0.0.0 before 4.0.15...
DRUPAL-CONTRIB-2026-037
This module enables you to export entity date fields as iCal feeds. The module doesn't sufficiently check entity or field access or sanitize user inputs when generating iCal feeds. This vulnerability is not mitigated by any permission, the routes are accessible to all anonymous users with no...
CVE-2026-4801
The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via external iCal feed data in all versions up to, and including, 3.1.16 due to insufficient output escaping of event titles, descriptions, and locations fetched from external iCal feeds...
CVE-2026-4801 Page Builder Gutenberg Blocks <= 3.1.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via External iCal Feed Data
The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via external iCal feed data in all versions up to, and including, 3.1.16 due to insufficient output escaping of event titles, descriptions, and locations fetched from external iCal feeds...
EUVD-2026-23650
The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via external iCal feed data in all versions up to, and including, 3.1.16 due to insufficient output escaping of event titles, descriptions, and locations fetched from external iCal feeds...
CVE-2026-4801 Page Builder Gutenberg Blocks <= 3.1.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via External iCal Feed Data
The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via external iCal feed data in all versions up to, and including, 3.1.16 due to insufficient output escaping of event titles, descriptions, and locations fetched from external iCal feeds...
WordPress plugin Page Builder Gutenberg Blocks – CoBlocks 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
EUVD-2000-1060
Malware in sbrugna...
EUVD-2021-0192
Malware in sbrugna...
EUVD-2000-1058
Malware in sbrugna...
EUVD-2000-1057
Malware in sbrugna...
EUVD-2019-3373
Malware in sbrugna...
EUVD-2006-0928
Malware in sbrugna...
EUVD-2019-3376
Malware in sbrugna...
EUVD-2003-1253
Malware in sbrugna...