4 matches found
Cross-site Scripting (XSS)
passbolt/passboltapi is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper sanitization of user input, allowing an attacker to inject malicious scripts into the user's first and last name fields, which execute when the setup link in the invitation email is accessed...
ToolJet Code Injection Vulnerability
A code injection vulnerability exists in ToolJet v0.6.0 through v1.10.2, which stems from a lack of data validation filtering of user-supplied data and output in the first and last name fields of the invitation email. An attacker could exploit this vulnerability to inject malicious code when...
ToolJet 跨站脚本漏洞
A code injection vulnerability exists in ToolJet v0.6.0 through v1.10.2, which stems from a lack of data validation filtering of user-supplied data and output in the first and last name fields of the invitation email. An attacker could exploit this vulnerability to inject malicious code when...
Security update 1970-01-01
...