5125 matches found
Liferay Portal and Liferay DXP Security Vulnerabilities
Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...
CVE-2024-24870
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Dempfle Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a through 2023.10...
CVE-2024-24870
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Dempfle Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a through 2023.10...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Dempfle Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a through 2023.10...
CVE-2024-24870 WordPress Advanced iFrame Plugin <= 2023.10 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Dempfle Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a through 2023.10...
CVE-2024-24870 WordPress Advanced iFrame Plugin <= 2023.10 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Dempfle Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a through 2023.10...
CVE-2024-24870
The CVE-2024-24870 entry describes a Stored XSS in the WordPress Advanced iFrame plugin (≤ 2023.10) due to Improper Neutralization of Input During Web Page Generation. Affected component: Advanced iFrame plugin; root cause: insufficient input sanitization/escaping in the advanced_iframe context. ...
WordPress plugin Advanced iFrame cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
Medium: firefox
Issue Overview: An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. CVE-2024-0741 It was possible for certain browser prompts and dialogs to b...
PT-2024-20626 · Unknown · Advanced Iframe
Name of the Vulnerable Software and Affected Versions: Advanced iFrame versions through 2023.10 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This means that an attacker can inject malicio...
Protection Mechanism Failure
firefox is vulnerable to Protection Mechanism Failure. The vulnerability is due to a parent page loading a child in an iframe with unsafe-inline, allowing the parent Content Security Policy to override the child's...
WordPress Plugin Advanced iFrame Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Advanced iFrame, which stems from insufficient input cleanup and output escapi...
WordPress Advanced iFrame Plugin <= 2023.10 is vulnerable to Cross Site Scripting (XSS)
Software Advanced iFrame Type Plugin Vulnerable versions = 2023.10 Fixed in 2024.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-24870 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5ac08cfdc818 Credits LVT-tholv2k Required privilege...
CVE-2023-51690
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a through 2023.8...
CVE-2023-51690
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a through 2023.8...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a through 2023.8...
CVE-2023-51690 WordPress Advanced iFrame Plugin <= 2023.8 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a through 2023.8...
CVE-2023-51690 WordPress Advanced iFrame Plugin <= 2023.8 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a through 2023.8...
CVE-2023-51690
CVE-2023-51690 affects the WordPress WordPress Advanced iFrame plugin. The vulnerability is an Improper Neutralization of Input During Web Page Generation, i.e., a Stored Cross-Site Scripting (XSS) issue in the plugin’s input handling. Affected versions are
CVE-2023-7069
The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'advancediframe' shortcode in all versions up to, and including, 2023.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...