11 matches found
CVE-2026-20673
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. Turning off "Load remote content in messages” may not apply to all mail previews...
EUVD-2020-6064
Malware in sbrugna...
CVE-2024-46083
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS. An authenticated user can craft malicious payloads using the messages feature, which allows the injection of malicious code into any user's account on the platform. It is important to note that regular users can trigger...
CVE-2024-46083
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS. An authenticated user can craft malicious payloads using the messages feature, which allows the injection of malicious code into any user's account on the platform. It is important to note that regular users can trigger...
CVE-2024-46083
Scriptcase versions ≤ 9.10.023 are vulnerable to Cross-Site Scripting (XSS) via the messaging feature. An authenticated user can craft payloads that inject code into other users’ accounts, and regular users can trigger actions for administrator users. The vulnerability is confirmed across multipl...
PT-2024-31903 · Unknown · Scriptcase
Name of the Vulnerable Software and Affected Versions: Scriptcase versions 9.10.023 and earlier Description: The issue allows an authenticated user to craft malicious payloads using the messages feature, enabling the injection of malicious code into any user's account on the platform. Regular use...
Artica Pandora FMS Cross-Site Scripting Vulnerability (CNVD-2020-32915)
Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A cross-site scripting vulnerability exists in the Messages feature in Artica Pandora FMS version 7.44. An attacker can...
CVE-2020-13853
Artica Pandora FMS 7.44 has persistent XSS in the Messages feature...
CVE-2020-13853
Pandora FMS 7.44 is affected by CVE-2020-13853, a persistent Cross-Site Scripting (XSS) vulnerability in the Messages feature. The CoreLabs advisory details that an attacker can inject arbitrary JavaScript into messages, which is executed in the recipient’s browser and can facilitate session cook...
Facebook Patches Privacy Flaw in Pages Manager for Android
Facebook has plugged a privacy hole in its Pages Manager application for Android. Facebook Pages help businesses establish a presence on the social network, while the app enables an admin to manage posts, respond to comments and messages, push notifications to customers, manage photographs and...
Unrestricted file upload
Unrestricted file upload vulnerability in Collabtive 0.4.8 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension and using a text/plain MIME type, then accessing it via a direct request to the file in files/, related to 1 the showproject acti...