25 matches found
EUVD-2022-46693
Malicious code in bioql PyPI...
EUVD-2022-46695
Malicious code in bioql PyPI...
EUVD-2022-46692
Malicious code in bioql PyPI...
CVE-2022-43711
Interactive Forms IAF in GX Software XperienCentral versions 10.29.1 until 10.33.0 was vulnerable to cross site scripting attacks XSS because the CSP header uses eval in the script-src...
CVE-2022-43710
Interactive Forms IAF in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery CSRF because the unique token could be deduced using the names of all input fields...
CVE-2022-43710
Interactive Forms IAF in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery CSRF because the unique token could be deduced using the names of all input fields...
CVE-2022-43711
Interactive Forms IAF in GX Software XperienCentral versions 10.29.1 until 10.33.0 was vulnerable to cross site scripting attacks XSS because the CSP header uses eval in the script-src...
CVE-2022-43713
Interactive Forms IAF in GX Software XperienCentral versions 10.33.1 until 10.35.0 was vulnerable to invalid data input because form validation could be bypassed...
CVE-2022-43710
Interactive Forms IAF in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery CSRF because the unique token could be deduced using the names of all input fields...
CVE-2022-43710
Interactive Forms IAF in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery CSRF because the unique token could be deduced using the names of all input fields...
CVE-2022-43713
Interactive Forms IAF in GX Software XperienCentral versions 10.33.1 until 10.35.0 was vulnerable to invalid data input because form validation could be bypassed...
Cross site request forgery (csrf)
Interactive Forms IAF in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery CSRF because the unique token could be deduced using the names of all input fields...
Cross site scripting
Interactive Forms IAF in GX Software XperienCentral versions 10.29.1 until 10.33.0 was vulnerable to cross site scripting attacks XSS because the CSP header uses eval in the script-src...
Input validation
Interactive Forms IAF in GX Software XperienCentral versions 10.33.1 until 10.35.0 was vulnerable to invalid data input because form validation could be bypassed...
CVE-2022-43713
Interactive Forms IAF in GX Software XperienCentral versions 10.33.1 until 10.35.0 was vulnerable to invalid data input because form validation could be bypassed...
CVE-2022-43711
GX Software XperienCentral (versions 10.29.1–10.33.0) is affected by a cross-site scripting (XSS) vulnerability caused by the CSP header using eval() in the script-src directive. The issue is tied to Interactive Forms (IAF) functionality and can be triggered via user interaction with the affected...
CVE-2022-43713
GX Software XperienCentral has an IAF validation bypass vulnerability (CVE-2022-43713) affecting versions 10.33.1 through 10.35.0, allowing invalid data input via Interactive Forms. The issue stems from bypassable form validation in IAF. Impact is mainly data integrity for inputs; CVSS indicates ...
CVE-2022-43710
Interactive Forms IAF in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery CSRF because the unique token could be deduced using the names of all input fields...
CVE-2022-43713
Interactive Forms IAF in GX Software XperienCentral versions 10.33.1 until 10.35.0 was vulnerable to invalid data input because form validation could be bypassed...
CVE-2022-43711
Interactive Forms IAF in GX Software XperienCentral versions 10.29.1 until 10.33.0 was vulnerable to cross site scripting attacks XSS because the CSP header uses eval in the script-src...