Cross-Site Scripting
Liferay portal is vulnerable to reflected cross-site scripting (XSS). The vulnerability is due to insufficient input validation that allows remote attackers to inject arbitrary web script or HTML via a crafted payload into the “Blocked Email Domains” text field in the instance settings for Accounts...
PT-2023-14158 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 15.3 through 15.7.7; GitLab versions 15.8.0 through 15.8.3; GitLab versions 15.9.0 through 15.9.1. Description: An issue has been discovered in GitLab where Google IAP details in Prometheus integration were not hidden and could b...
Zitadel RefreshToken invalidation vulnerability
Impact: RefreshTokens is an OAuth 2.0 feature that allows applications to retrieve new access tokens and refresh the user's session without the need for interacting with a UI. RefreshTokens were not invalidated when a user was locked or deactivated. The deactivated or locked user was able to obtai...
GHSA-6RRR-78XP-5JP8 Zitadel RefreshToken invalidation vulnerability
Impact: RefreshTokens is an OAuth 2.0 feature that allows applications to retrieve new access tokens and refresh the user's session without the need for interacting with a UI. RefreshTokens were not invalidated when a user was locked or deactivated. The deactivated or locked user was able to obtai...
How to Use Variables in Configuration Jobs on NetScaler MAS
A configuration job is a set of configuration commands that you can execute on one or more managed instances. When you execute the same configuration on multiple instances, you might want to use different values for the parameters used in your configuration. You can define variables that enable y...