CVE-2024-6487
The Inline Related Posts WordPress plugin before 3.8.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in multisite setup...
CVE-2024-6487 Inline Related Posts < 3.8.0 - Admin+ Stored XSS
The Inline Related Posts WordPress plugin before 3.8.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in multisite setup...
PT-2024-37661 · WordPress · Inline Related Posts
Name of the Vulnerable Software and Affected Versions: Inline Related Posts WordPress plugin versions prior to 3.8.0. Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered_html capability is...
OESA-2024-1893 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory...
SUSE CVE-2024-40971
In the Linux kernel, the following vulnerability has been resolved: f2fs: remove clear SB_INLINECRYPT flag in default_options. In f2fs_remount, SB_INLINECRYPT flag will be clear and re-set. If create new file or open file during this gap, these files will not use inlinecrypt. Worse case, it may lead t...
CVE-2024-23794
An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. This flaw allows an agent with read-only permissions to gain full access to a ticket. This issue arises in very rare instances when an admin has previously enabled the...
CVE-2024-23794
CVE-2024-23794 affects OTRS and describes an incorrect privilege assignment vulnerability in the inline editing functionality that can enable a read-only agent to gain full access to a ticket when the system configuration’s inline editing setting (AgentFrontend::Ticket::InlineEditing::Property###...
CVE-2024-23794 Agents are able to lock the ticket without the "Owner" permission
An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. This flaw allows an agent with read-only permissions to gain full access to a ticket. This issue arises in very rare instances when an admin has previously enabled the...
PT-2024-20090 · Otrs · Otrs
Name of the Vulnerable Software and Affected Versions: OTRS versions 8.0.X; OTRS versions 2023.X; OTRS versions from 2024.X through 2024.4.x. Description: An incorrect privilege assignment vulnerability in the inline editing functionality can lead to privilege escalation. This flaw allows an agent...
CloudBridge Virtual WAN PBR Mode and Inline Deployment Steps
This article depicts a step-by-step procedure to configure two CloudBridge Virtual WAN appliances: Data Center Appliance in PBR mode (Virtual Inline Mode); Branch Appliance in Inline mode...
FAQ: Fail-To-Wire Feature in CloudBridge 2000 and 3000 Appliances
This article is an FAQ on the Fail-To-Wire (FTW) functionality found in the new Citrix CloudBridge 2000 and Citrix CloudBridge 3000 appliances. Q: What is the supported software release? A: The FTW feature is supported with the following software releases: SVM build: NS 10.0.72.5007 CloudBridge...
UBUNTU-CVE-2024-40971
In the Linux kernel, the following vulnerability has been resolved: f2fs: remove clear SB_INLINECRYPT flag in default_options. In f2fs_remount, SB_INLINECRYPT flag will be clear and re-set. If create new file or open file during this gap, these files will not use inlinecrypt. Worse case, it may lead t...
WordPress Inline Related Posts plugin < 3.7.0 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Inline Related Posts versions < 3.7.0...
CVE-2024-5626
The Inline Related Posts WordPress plugin before 3.7.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-5626 Inline Related Posts < 3.7.0 - Reflected XSS
The Inline Related Posts WordPress plugin before 3.7.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
PT-2024-36775 · WordPress · Inline Related Posts
Name of the Vulnerable Software and Affected Versions: Inline Related Posts WordPress plugin versions prior to 3.7.0. Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being outputted back in th...
WordPress Inline Related Posts Plugin < 3.7.0 is vulnerable to Cross Site Scripting (XSS)
Software: Inline Related Posts. Type: Plugin. Vulnerable versions: < 3.7.0. Fixed in: 3.7.0. OWASP Top 10: A7: Cross-Site Scripting (XSS). Classification: Cross Site Scripting (XSS). CVE: CVE-2024-5626. Patch priority: Medium. CVSS severity: Medium (7.1). PSID: e490330be604. Credits: Dmitrii Ignatye...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure of the f2fs file system to properly handle the SB_INLINECRYPT flag during remounts...