2424 matches found
WordPress Slideshow jQuery Image Gallery Plugin <=2.1.12 - Multiple Vulnerabilities
This plugin is prone to a reflected cross-site scripting vulnerability in "views/SlideshowPlugin/slideshow.php", "views/SlideshowPluginPostType/settings.php" and "views/SlideshowPluginPostType/style-settings.php", and to full path disclosure in multiple scripts. Solution: Update plugin...
[SECURITY] Fedora 21 Update: drupal7-jquery_update-2.7-1.fc21
Upgrades the version of jQuery in Drupal core to a newer version of jQuery. This package provides the following Drupal module: jqueryupdate...
[SECURITY] Fedora 22 Update: drupal7-jquery_update-2.7-1.fc22
Upgrades the version of jQuery in Drupal core to a newer version of jQuery. This package provides the following Drupal module: jqueryupdate...
[SECURITY] Fedora 23 Update: drupal7-jquery_update-2.7-1.fc23
Upgrades the version of jQuery in Drupal core to a newer version of jQuery. This package provides the following Drupal module: jqueryupdate...
[SECURITY] Fedora 23 Update: drupal7-jquery_update-2.6-1.fc23
Upgrades the version of jQuery in Drupal core to a newer version of jQuery. This package provides the following Drupal module: jqueryupdate...
[SECURITY] Fedora 23 Update: drupal7-active_tags-2.0-0.9.alpha1.fc23
Active Tags adds a new option to free tagging taxonomies. If selected the taxonomy widget is replaced by a new jQuery enabled tag entry widget. This package provides the following Drupal 7 module: activetags...
[SECURITY] Fedora 22 Update: drupal7-active_tags-2.0-0.9.alpha1.fc22
Active Tags adds a new option to free tagging taxonomies. If selected the taxonomy widget is replaced by a new jQuery enabled tag entry widget. This package provides the following Drupal 7 module: activetags...
[SECURITY] Fedora 21 Update: drupal7-active_tags-2.0-0.9.alpha1.fc21
Active Tags adds a new option to free tagging taxonomies. If selected the taxonomy widget is replaced by a new jQuery enabled tag entry widget. This package provides the following Drupal 7 module: activetags...
[SECURITY] Fedora 22 Update: drupal7-jquery_update-2.6-1.fc22
Upgrades the version of jQuery in Drupal core to a newer version of jQuery. This package provides the following Drupal module: jqueryupdate...
jQuery Update - Less Critical - Open Redirect - SA-CONTRIB-2015-158
The jQuery Update module enables you to update jQuery on your site. The module ships with a modified version of the core Overlay JavaScript file, which is vulnerable to an open redirect attack (see SA-CORE-2015-004). Only sites with the Overlay module enabled are vulnerable. An incomplete fix for...
Cross-Site Scripting
Overview: Cross-site scripting (XSS) vulnerability in the DataTables plugin 1.10.8 and earlier for jQuery allows remote attackers to inject arbitrary web script or HTML via the scripts parameter to media/unittesting/templates/6776.php. Recommendation: Update to a version greater than 1.10.8. Referenc...
CSRF Vulnerability
Overview: Versions 1.0.3 and earlier of jquery-ujs are vulnerable to an information leakage attack that may enable attackers to launch CSRF attacks, as it allows attackers to send CSRF tokens to external domains. When an attacker controls the href attribute of an anchor tag, or the action attribut...
Colorbox - Access bypass - Less Critical - SA-CONTRIB-2015-156
This module allows for integration of Colorbox, a jQuery lightbox plugin, into Drupal. The module allows unprivileged users to add unexpected content to a Colorbox, including content from external sites. This allows an unprivileged user to deface a site. This vulnerability is mitigated by the fac...
Serendipity cross-site scripting vulnerability (CNVD-2015-06044)
Serendipity is a PHP-based blogging system developed by the Serendipity team. The system supports the creation of online journals, blogs, web pages and more. A cross-site scripting vulnerability exists in the js/2k11.min.js file in Serendipity 2.0.1 and prior versions of the 2k11 theme, which stems...
X (Formerly Twitter): Multiple DOMXSS on Amplify Web Player
Hi, I would like to report multiple DOMXSS issues on https://amp.twimg.com/amplify-web-player/prod/source.html. Details: Please use latest IE to open all the PoCs because of CSP 1. $.get sink javascript define"data/playlist/withjsonloader", "require", "flight/lib/compose",...
CVE-2015-6584
Cross-site scripting (XSS) vulnerability in the DataTables plugin 1.10.8 and earlier for jQuery allows remote attackers to inject arbitrary web script or HTML via the scripts parameter to media/unittesting/templates/6776.php...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the DataTables plugin 1.10.8 and earlier for jQuery allows remote attackers to inject arbitrary web script or HTML via the scripts parameter to media/unittesting/templates/6776.php...
DEBIAN-CVE-2015-6584
Cross-site scripting (XSS) vulnerability in the DataTables plugin 1.10.8 and earlier for jQuery allows remote attackers to inject arbitrary web script or HTML via the scripts parameter to media/unittesting/templates/6776.php...