3 matches found
Cross-site Scripting (XSS)
Overview DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the LogNotes function in the scheduler component. An attacker can execute arbitrary scripts in the...
CVE-2022-37140
PayMoney 3.3 is vulnerable to Client Side Remote Code Execution RCE. The vulnerability exists on the reply ticket function and upload the malicious file. A calculator will open when the victim who download the file open the RTF file...
TYPO3跨站脚本漏洞
TYPO3 is a free and open source content management system framework CMS/CMF from the TYPO3 Typo3 association in Switzerland.TYPO3 has a cross-site scripting vulnerability that stems from failure to properly parse, clean and encode malicious rich text content, and no detailed vulnerability details...