External Control of File Name or Path

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to External Control of File Name or Path via improper validation of file paths in the media embedding. An attacker can access arbitrary files on the host system or trigger network credential...

EUVD-2018-1024

Malware in sbrugna...

Cross site scripting

A vulnerability in Cisco Jabber Client Framework JCF could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of an affected device. The vulnerability is due to improper neutralization of input during web page generation. An attacker could exploit...

CVE-2018-0201

CVE-2018-0201 is a cross-site scripting vulnerability in Cisco Jabber Client Framework (JCF). The issue arises from improper neutralization of input during web page generation, enabling an authenticated, remote attacker to trigger XSS by embedding media in instant messages. The exploit could caus...

CVE-2018-0201

A vulnerability in Cisco Jabber Client Framework JCF could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of an affected device. The vulnerability is due to improper neutralization of input during web page generation. An attacker could exploit...