Lucene search
K

6 matches found

Veracode
Veracode
added 2025/12/24 10:11 a.m.5 views

Cross-Site Scripting (XSS)

ezsystems/ezplatform-admin-ui is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper escaping of user-controlled input in image asset names, content language names, and future publishing features, which allows an attacker with back-office editor or administrator privilege...

5.5AI score
Exploits0
OSV
OSV
added 2025/10/17 5:59 p.m.1 views

GHSA-2MX6-FQ24-G2MH ibexa/admin-ui has an XSS vulnerability in Cancel/Reschedule future publication modal

Impact This security advisory resolves an XSS vulnerability in image asset names, content language names and future publishing in the back office of the DXP. Back office access and varying levels of editing and management permissions are required to exploit this vulnerability. This typically mean...

4.8CVSS6.4AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/10/17 5:58 p.m.8 views

ezsystems/ezplatform-admin-ui has an XSS vulnerability in Cancel/Reschedule future publication modal

Impact This security advisory resolves an XSS vulnerability in image asset names, content language names and future publishing in the back office of the DXP. Back office access and varying levels of editing and management permissions are required to exploit this vulnerability. This typically mean...

6.4AI score
Exploits0References3Affected Software1
OSV
OSV
added 2025/02/03 8:45 a.m.2 views

MAL-2025-1191 Malicious code in update_image_asset (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 23a245eb7d761ba61f0ab7db2cc504abb690a09fb1fe2b995535390a48facab3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
OSV
OSV
added 2022/05/05 2:15 p.m.17 views

CVE-2021-42183

MasaCMS 7.2.1 is affected by a path traversal vulnerability in /index.cfm/api/asset/image/...

7.5CVSS6.8AI score0.04609EPSS
Exploits1References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/06/29 7:17 a.m.3 views

Multiple vulnerabilities in Cybozu Garoon

Overview Cybozu, Inc. has released security updates for Cybozu Garoon. CyVDB-2083 Vulnerability in Single sign-on settings to avoid viewing and operation privileges - CVE-2020-5580 CyVDB-2451 Path traversal vulnerability on the portal - CVE-2020-5581 CyVDB-2097 Vulnerability to bypass operation...

8.5CVSS6.6AI score0.018EPSS
Exploits0References24
Rows per page
Query Builder