26 matches found
EUVD-2015-7840
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2015-7943
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module...
ovirt-engine security update
4.4.10.7-1.0.33 - Fix external providers properties observability 4.4.10.7-1.0.32 - Upgrade bundled frontend dependency of jquery-ui 4.4.10.7-1.0.31 - Allow enrolling certificates in non-responsive state and Extend the lifetime of non-web certificates 4.4.10.7-1.0.30 - Fix network exception...
Tenable Nessus Network Monitor < 5.11.0 Multiple Vulnerabilities (TNS-2019-08)
Tenable Nessus Network Monitor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
GHSA-5VPR-V24W-MMJJ Drupal cross site scripting vulnerability
A jQuery cross site scripting vulnerability is present when making Ajax requests to untrusted domains. This vulnerability is mitigated by the fact that it requires contributed or custom modules in order to exploit. For Drupal 8, this vulnerability was already fixed in Drupal 8.4.0 in the Drupal...
Drupal cross site scripting vulnerability
A jQuery cross site scripting vulnerability is present when making Ajax requests to untrusted domains. This vulnerability is mitigated by the fact that it requires contributed or custom modules in order to exploit. For Drupal 8, this vulnerability was already fixed in Drupal 8.4.0 in the Drupal...
Drupal core - Moderately critical - Cross site scripting - SA-CORE-2022-002
jQuery UI is a third-party library used by Drupal. This library was previously thought to be end-of-life. Late in 2021, jQuery UI announced that they would be continuing development, and released a jQuery UI 1.13.0 version. In addition to the issue covered by SA-CORE-2022-001, further security...
Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023
h3. Issue Summary Currently, Jira runs with jQuery version 2.2.4, which is susceptible to the following vulnerabilities: https://nvd.nist.gov/vuln/detail/CVE-2020-11023 https://nvd.nist.gov/vuln/detail/CVE-2020-11022 h3. Steps to Reproduce - h3. Expected Results We should update the version of...
UBUNTU-CVE-2017-6929
A jQuery cross site scripting vulnerability is present when making Ajax requests to untrusted domains. This vulnerability is mitigated by the fact that it requires contributed or custom modules in order to exploit. For Drupal 8, this vulnerability was already fixed in Drupal 8.4.0 in the Drupal...
CVE-2017-6929
A jQuery cross site scripting vulnerability is present when making Ajax requests to untrusted domains. This vulnerability is mitigated by the fact that it requires contributed or custom modules in order to exploit. For Drupal 8, this vulnerability was already fixed in Drupal 8.4.0 in the Drupal...
Fedora 25 : mrbs (2017-b5bcfedf10)
Changes since MRBS 1.6.1 : - Fixed a number of security issues in MRBS that were disclosed to the project by SySS GmbH, including XSS, CSRF protection and session fixation. - Improved behaviour of browser caching in MRBS. - Improved localisation, especially the use of colons in labels. - Added ne...
Open redirect
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vector...
CVE-2015-7943
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vector...
UBUNTU-CVE-2015-7943
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vector...
CVE-2015-7943
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vector...
CVE-2015-7943
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vector...
CVE-2015-7943
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vector...
CVE-2015-7943
CVE-2015-7943 describes an open redirect vulnerability in Drupal 7.x where the Overlay module does not sufficiently validate URLs, enabling redirects to arbitrary sites and phishing via unspecified vectors. Affected are: Drupal core Overlay module in 7.x before 7.41; the jQuery Update module (7.x...
CVE-2015-7943
Removed by vendor...
Fedora 22 : drupal7-jquery_update-2.6-1.fc22 (2015-3abe019550)
See jQuery Update - Less Critical - Open Redirect - SA- CONTRIB-2015-123 Changes since 7.x-2.5 3 commits: Updating overlay code to match core Issue 2466329 by hanoii: Update 1.7 to 1.7.2 Issue 1546668 by sergey.semashko, RobLoach: Update to jQuery 1.8.3 Note that Tenable Network Security has...