Lucene search
K

52 matches found

Positive Technologies
Positive Technologies
added 2020/07/14 12:0 a.m.8 views

PT-2020-12540 · October +1 · October Cms +1

Name of the Vulnerable Software and Affected Versions: October CMS versions 1.0.319 through 1.0.465 RainLab.Blog plugin versions prior to 1.4.1 Description: A user with access to a markdown FormWidget that stores data persistently could create a stored XSS attack against themselves and any other...

4.8CVSS4.8AI score0.01148EPSS
Exploits3References9
CNVD
CNVD
added 2019/12/23 12:0 a.m.3 views

GitLab Resource Management Error Vulnerability (CNVD-2020-03053)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A resource management error vulnerability exists in GitLa...

6.5CVSS6.7AI score0.01198EPSS
Exploits1References1
OSV
OSV
added 2019/09/09 8:15 p.m.6 views

UBUNTU-CVE-2019-6785

An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It allows Denial of Service. Inputting an overly long string into a Markdown field could cause a denial of service...

6.5CVSS6.8AI score0.01255EPSS
Exploits1References3
CNVD
CNVD
added 2019/07/23 12:0 a.m.2 views

RANGER Studio Directus Cross-Site Scripting Vulnerability

RANGER Studio Directus is the United States RANGER Studio company's set of open source for managing custom databases open source headless CMS and API. A cross-site scripting vulnerability exists in the interfaces/markdown/input.vue file in RANGER Studio Directus version 7 prior to Application...

5.3CVSS6.4AI score0.01103EPSS
Exploits0References1
CNVD
CNVD
added 2019/01/16 12:0 a.m.3 views

JPress Cross-Site Scripting Vulnerability (CNVD-2019-01670)

JPress is a set of blogging platform developed using the Java language. A cross-site scripting vulnerability exists in JPress version 1.0.4, which can be exploited by remote attackers to inject arbitrary web script or HTML with the help of Markdown input...

5.4CVSS6AI score0.00506EPSS
Exploits1References1
Prion
Prion
added 2019/01/14 7:29 p.m.14 views

Cross site scripting

XSS exists in JPress v1.0.4 via Markdown input, or Markdown input with the code input option...

3.5CVSS5.4AI score0.00506EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/01/14 7:29 p.m.7 views

CVE-2019-6278

XSS exists in JPress v1.0.4 via Markdown input, or Markdown input with the code input option...

5.4CVSS6.2AI score
Exploits0References1
Cvelist
Cvelist
added 2019/01/14 7:0 p.m.18 views

CVE-2019-6278

XSS exists in JPress v1.0.4 via Markdown input, or Markdown input with the code input option...

5.4AI score0.00506EPSS
Exploits1References1
OSV
OSV
added 2018/01/06 1:11 a.m.20 views

GHSA-MVW8-V767-QHJM Radiant CMS vulnerable to Cross-site Scripting

Radiant CMS 1.1.4 has XSS via crafted Markdown input in the partbodycontent parameter to an admin/pages//edit resource...

5.4CVSS5.1AI score0.00537EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2018/01/06 1:11 a.m.34 views

Radiant CMS vulnerable to Cross-site Scripting

Radiant CMS 1.1.4 has XSS via crafted Markdown input in the partbodycontent parameter to an admin/pages//edit resource...

5.4CVSS3.2AI score0.00537EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2018/01/04 7:29 p.m.15 views

Design/Logic Flaw

Radiant CMS 1.1.4 has XSS via crafted Markdown input in the partbodycontent parameter to an admin/pages//edit resource...

3.5CVSS5.1AI score0.00537EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/01/04 7:0 p.m.28 views

CVE-2018-5216

Radiant CMS 1.1.4 has XSS via crafted Markdown input in the partbodycontent parameter to an admin/pages//edit resource...

5.2AI score0.00537EPSS
Exploits1References1
Rows per page
Query Builder