12 matches found
EUVD-2024-2392
Malicious code in bioql PyPI...
CVE-2024-50351
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Reflected Cross-Site Scripting XSS vulnerability in the "section" parameter of the "logs" tab of a device allows attackers to inject arbitrary JavaScript. This vulnerability results in the execution of malicious code wh...
CVE-2024-6578
A stored cross-site scripting XSS vulnerability exists in aimhubio/aim version 3.19.3. The vulnerability arises from the improper neutralization of input during web page generation, specifically in the logs-tab for runs. The terminal output logs are displayed using the dangerouslySetInnerHTML...
Cross-site Scripting (XSS)
Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the section parameter on the "logs" tab, due to a lack of sanitization in the reportthis...
LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/functions.php
Summary A Reflected Cross-Site Scripting XSS vulnerability in the "section" parameter of the "logs" tab of a device allows attackers to inject arbitrary JavaScript. This vulnerability results in the execution of malicious code when a user accesses the page with a malicious "section" parameter,...
Stored Cross Site Scripting (XSS)
aim is vulnerable to a Stored Cross Site Scripting XSS. The vulnerability is due to improper input neutralization in the logs-tab, which uses dangerouslySetInnerHTML in React. The vulnerability allows an attacker to inject malicious scripts into the logs...
GHSA-P9F2-JG9W-CX69 Aim Stored Cross-site Scripting Vulnerability
A stored cross-site scripting XSS vulnerability exists in aimhubio/aim version 3.19.3. The vulnerability arises from the improper neutralization of input during web page generation, specifically in the logs-tab for runs. The terminal output logs are displayed using the dangerouslySetInnerHTML...
CVE-2024-6578
A stored cross-site scripting XSS vulnerability exists in aimhubio/aim version 3.19.3. The vulnerability arises from the improper neutralization of input during web page generation, specifically in the logs-tab for runs. The terminal output logs are displayed using the dangerouslySetInnerHTML...
CVE-2024-6578
A stored cross-site scripting XSS vulnerability exists in aimhubio/aim version 3.19.3. The vulnerability arises from the improper neutralization of input during web page generation, specifically in the logs-tab for runs. The terminal output logs are displayed using the dangerouslySetInnerHTML...
CVE-2024-6578 Stored XSS in aimhubio/aim
A stored cross-site scripting XSS vulnerability exists in aimhubio/aim version 3.19.3. The vulnerability arises from the improper neutralization of input during web page generation, specifically in the logs-tab for runs. The terminal output logs are displayed using the dangerouslySetInnerHTML...
CVE-2024-6578 Stored XSS in aimhubio/aim
A stored cross-site scripting XSS vulnerability exists in aimhubio/aim version 3.19.3. The vulnerability arises from the improper neutralization of input during web page generation, specifically in the logs-tab for runs. The terminal output logs are displayed using the dangerouslySetInnerHTML...
PT-2024-37732 · Aimhubio · Aim
Name of the Vulnerable Software and Affected Versions: aimhubio/aim version 3.19.3 Description: A stored cross-site scripting XSS issue exists due to the improper neutralization of input during web page generation, specifically in the logs-tab for runs. The terminal output logs are displayed usin...