CVE-2020-37233

WordPress Plugin Buddypress 6.2.0 contains a persistent cross-site scripting vulnerability that allows authenticated attackers with moderator privileges to inject malicious script code through the figure parameter in wp:html blocks. Attackers can inject iframe elements with event handlers like...

justdial.com XSS vulnerability

Vulnerable URL: http://www.justdial.com/Pune%22%3E%3Ciframe/onload=alert%28/XSSPOSED/%29%3E/rk Details: Description| Value ---|--- Patched:| Yes, at 03.07.2017 Latest check for patch:| 03.07.2017 09:09 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 470 Google...

Opera Web Browser 7.5x IFrame OnLoad Address Bar URL Obfuscation Weakness

No description provided by source. source: http://www.securityfocus.com/bid/10679/info Opera Web Browser is prone to a security weakness that may permit malicious web pages to spoof address bar information. It is currently not known if this issue is related to the Opera Web Browser Address Bar...

openSUSE Security Update : roundcubemail (openSUSE-SU-2014:0365-1)

roundcubemail was updated to 0.9.5 to fix bugs and security issues. Fixed security issues : - CVE-2013-6172: vulnerability in handling session argument of utils/save-prefs New upstream release 0.9.5 bnc847179 CVE-2013-6172 - Fix failing vCard import when email address field contains spaces - Fix...