Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.16 views

EUVD-2022-7362

Malicious code in bioql PyPI...

7.1CVSS6.3AI score0.00454EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/02/05 8:14 p.m.9 views

CVE-2022-4105

A stored XSS in a kiwi Test Plan can run malicious javascript which could be chained with an HTML injection to perform a UI redressing attack clickjacking and an HTML injection which disables the use of the history page...

7.1CVSS5.8AI score0.00454EPSS
Exploits1References1
NVD
NVD
added 2022/11/21 8:15 p.m.53 views

CVE-2022-4105

A stored XSS in a kiwi Test Plan can run malicious javascript which could be chained with an HTML injection to perform a UI redressing attack clickjacking and an HTML injection which disables the use of the history page...

7.1CVSS0.00454EPSS
Exploits1References2
Prion
Prion
added 2022/11/21 8:15 p.m.17 views

Design/Logic Flaw

A stored XSS in a kiwi Test Plan can run malicious javascript which could be chained with an HTML injection to perform a UI redressing attack clickjacking and an HTML injection which disables the use of the history page...

4.9CVSS5.3AI score0.00454EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/21 12:0 a.m.6 views

CVE-2022-4105 Cross-site Scripting (XSS) - Stored in kiwitcms/kiwi

A stored XSS in a kiwi Test Plan can run malicious javascript which could be chained with an HTML injection to perform a UI redressing attack clickjacking and an HTML injection which disables the use of the history page...

7.1CVSS5.4AI score0.00454EPSS
Exploits1References2
CVE
CVE
added 2022/11/21 12:0 a.m.84 views

CVE-2022-4105

CVE-2022-4105 refers to a stored XSS in Kiwi TCMS’s kiwi Test Plan. The vulnerability allows attacker-supplied JavaScript to execute in the context of the application, potentially enabling a chained HTML injection that can perform a UI redressing attack (clickjacking) and an HTML injection that d...

7.1CVSS5.6AI score0.00454EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/21 12:0 a.m.5 views

PT-2022-25655

Name of the Vulnerable Software and Affected Versions kiwi Test Plan affected versions not specified Description A stored XSS in a kiwi Test Plan can run malicious javascript, potentially chained with an HTML injection to perform a UI redressing attack, also known as clickjacking, and an HTML...

7.1CVSS6.7AI score0.00454EPSS
Exploits1References11
Rows per page
Query Builder