11 matches found
Stored-XSS-Vulnerability-Lab-Detection-Mitigation-
Stored Cross-Site Scripting XSS Vulnerability Report Exe...
Cinnamon kotaemon 安全漏洞
Cinnamon kotaemon is a RAG-based open source tool from Cinnamon Open Source. A security vulnerability exists in Cinnamon kotaemon version 0.11.0, which originates from storing plaintext passwords in client-side localStorage...
EUVD-2016-5692
Malware in sbrugna...
EUVD-2019-13781
Malware in sbrugna...
EUVD-2019-13784
Malware in sbrugna...
EUVD-2018-12147
Malware in sbrugna...
EUVD-2017-9965
Malware in sbrugna...
CVE-2022-38383
IBM Cloud Pak for Security CP4S 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10.12.0 through 1.10.21.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 233673...
CVE-2022-44017
An issue was discovered in Simmeth Lieferantenmanager before 5.6. Due to errors in session management, an attacker can log back into a victim's account after the victim logged out - /LMS/LM/main can be used for this. This is due to the credentials not being cleaned from the local storage after...
ceph-dashboard: Don't use Browser's LocalStorage for storing JWT but Secure Cookies with proper HTTP Headers
A flaw was found in ceph-dashboard. The JSON Web Token JWT used for user authentication is stored by the frontend application in the browser’s localStorage which is potentially vulnerable to attackers via XSS attacks. The highest threat from this vulnerability is to data confidentiality and...
CVE-2020-4650
IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 186023...