2131 matches found
GHSA-RH5W-82WH-JHR8 XSS vulnerability on asset view
Impact Mautic versions before 3.3.4 / 4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can only be leveraged by an authenticated user with permission to create or edit assets. Patch...
Mautic Cross-Site Scripting Vulnerability (CNVD-2021-70087)
Mautic is an open source marketing automation software that monitors and manages websites, sends emails and manages customer resources. Mautic is vulnerable to a cross-site scripting vulnerability that stems from Mautic being vulnerable to an inline JS XSS attack when viewing Mautic assets by usi...
CVE-2021-27911
Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack through the contact's first or last name and triggered when viewing a contact's details page then clicking on the action drop down and hovering over the Campaigns button. Contact first and last name can be populated from...
CVE-2021-27912
Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can only be leveraged by an authenticated user with permission to create or edit assets...
CVE-2021-27912
Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can only be leveraged by an authenticated user with permission to create or edit assets...
Cross site scripting
Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can only be leveraged by an authenticated user with permission to create or edit assets...
CVE-2021-27912 XSS vulnerability on asset view
Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can only be leveraged by an authenticated user with permission to create or edit assets...
CVE-2021-27912
The CVE-2021-27912 entry describes an inline JavaScript XSS vulnerability in Mautic assets that affects versions before 3.3.4/4.0.0. An authenticated user with permission to create or edit assets can leverage inline JS in asset titles and a broken image URL to perform the attack. The most consist...
CVE-2021-27911 XSS vulnerability on contacts view
Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack through the contact's first or last name and triggered when viewing a contact's details page then clicking on the action drop down and hovering over the Campaigns button. Contact first and last name can be populated from...
PT-2021-4245 · Linux +7 · Linux Kernel +7
Name of the Vulnerable Software and Affected Versions: Linux kernel versions up to 5.13.13 Description: A race condition was discovered in the ext4 write inline data end function in the ext4 subsystem. This issue may allow an attacker to impact the integrity, availability, and confidentiality of...
Mautic 跨站脚本漏洞
Mautic is an open source marketing automation software that monitors and manages websites, sends emails and manages customer resources. Mautic is vulnerable to a cross-site scripting vulnerability that stems from Mautic being vulnerable to an inline JS XSS attack when viewing Mautic assets by usi...
DEBIAN-CVE-2021-29988
Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...
Design/Logic Flaw
Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...
CVE-2021-29988
Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...
Mozilla: Memory corruption as a result of incorrect style treatment
Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...
Mozilla: Memory corruption as a result of incorrect style treatment
Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...
Mozilla: Memory corruption as a result of incorrect style treatment
Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...
Mozilla: Memory corruption as a result of incorrect style treatment
Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...
Mozilla: Memory corruption as a result of incorrect style treatment
Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...
Mozilla: Memory corruption as a result of incorrect style treatment
Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...