9 matches found
EUVD-2023-45655
Malicious code in bioql PyPI...
laurenceolivier.fr Cross Site Scripting vulnerability OBB-3907473
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laurence/OhMyBox.Info Simple Long Form allows Stored XSS.This issue affects Simple Long Form: from n/a through 2.2.2...
CVE-2023-41136
CVE-2023-41136 is a stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Simple Long Form (aka OhMyBox.Info Simple Long Form). Affected versions are listed as
CVE-2023-41136 WordPress Simple Long Form Plugin <= 2.2.2 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laurence/OhMyBox.Info Simple Long Form allows Stored XSS.This issue affects Simple Long Form: from n/a through 2.2.2...
laurence-combustibles.fr Cross Site Scripting vulnerability OBB-2333246
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
dr-sultan-laurence.chirurgiens-dentistes.fr Cross Site Scripting vulnerability OBB-1376536
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
SA-CONTRIB-2014-011 - Push Notifications - Information Disclosure
This module enables the delivery of push notifications to iOS and Android devices. The module doesn't sufficiently randomize the certificate filenames required for Apple's Push Notification service or protect the files from being publicly accessible, which could allow an attacker to acquire the...
SA-CONTRIB-2014-008 - Tribune - Cross Site Scripting (XSS)
A tribune is a type of chatroom. The module doesn't sufficiently filter user provided text from Tribune node titles. This vulnerability is mitigated by the fact that an attacker must have a role with the permission to create a Tribune node. CVE identifiers issued CVE-2014-8075 Versions affected...