15 matches found
EUVD-2023-42665
Malicious code in bioql PyPI...
CVE-2023-38904
A Cross Site Scripting XSS vulnerability in Netlify CMS v.2.10.192 allows a remote attacker to execute arbitrary code via a crafted payload to the body parameter of the new post function...
CVE-2023-38904
A Cross Site Scripting XSS vulnerability in Netlify CMS v.2.10.192 allows a remote attacker to execute arbitrary code via a crafted payload to the body parameter of the new post function...
CVE-2023-38904
A Cross Site Scripting XSS vulnerability in Netlify CMS v.2.10.192 allows a remote attacker to execute arbitrary code via a crafted payload to the body parameter of the new post function...
Cross site scripting
A Cross Site Scripting XSS vulnerability in Netlify CMS v.2.10.192 allows a remote attacker to execute arbitrary code via a crafted payload to the body parameter of the new post function...
CVE-2023-38904
CVE-2023-38904 describes an XSS in Netlify CMS v2.10.192 where a crafted payload in the body parameter of the new post function allows a remote attacker to execute arbitrary code. The issue is documented across multiple sources (NVD, Red Hat, OSV, CNNVD, CVE listing, etc.). Affected component is ...
Netlify CMS 跨站脚本漏洞
Netlify CMS is a website builder system from the American company Netlify. A security vulnerability exists in Netlify CMS version v.2.10.192. An attacker can exploit this vulnerability to execute arbitrary code via the payload of the body parameter of a specially crafted post function...
PT-2023-26677 · Netlify · Netlify Cms
Name of the Vulnerable Software and Affected Versions: Netlify CMS version 2.10.192 Description: A Cross Site Scripting XSS issue allows a remote attacker to execute arbitrary code via a crafted payload to the body parameter of the new post function. Recommendations: For Netlify CMS version...
CVE-2023-38904
A Cross Site Scripting XSS vulnerability in Netlify CMS v.2.10.192 allows a remote attacker to execute arbitrary code via a crafted payload to the body parameter of the new post function...
CVE-2023-38904
A Cross Site Scripting XSS vulnerability in Netlify CMS v.2.10.192 allows a remote attacker to execute arbitrary code via a crafted payload to the body parameter of the new post function...
CVE-2023-38904
A Cross Site Scripting XSS vulnerability in Netlify CMS v.2.10.192 allows a remote attacker to execute arbitrary code via a crafted payload to the body parameter of the new post function...
Netlify CMS 2.10.192 - Stored Cross-Site Scripting Vulnerability
Exploit Title: Netlify CMS 2.10.192 - Stored Cross-Site Scripting XSS Exploit Author: tmrswrr Vendor Homepage: https://decapcms.org/docs/intro/ Software Link: https://github.com/decaporg/decap-cms Version: 2.10.192 Tested on: https://cms-demo.netlify.com Description: 1. Go to new post and write...
Netlify CMS 2.10.192 Cross Site Scripting
Exploit Title: Netlify CMS 2.10.192 - Stored Cross-Site Scripting XSS Exploit Author: tmrswrr Vendor Homepage: https://decapcms.org/docs/intro/ Software Link: https://github.com/decaporg/decap-cms Version: 2.10.192 Tested on: https://cms-demo.netlify.com Description: 1. Go to new post and write...
Netlify CMS 2.10.192 - Stored Cross-Site Scripting (XSS)
Exploit Title: Netlify CMS 2.10.192 - Stored Cross-Site Scripting XSS Exploit Author: tmrswrr Vendor Homepage: https://decapcms.org/docs/intro/ Software Link: https://github.com/decaporg/decap-cms Version: 2.10.192 Tested on: https://cms-demo.netlify.com Description: 1. Go to new post and write...
Cross-site Scripting (XSS) - Generic in netlify/netlify-cms
Description netlify-cms-widget-markdown is vulnerable to Cross-Site Scripting XSS. Steps To Reproduce 1. Use the application or use the demo https://cms-demo.netlify.com//collections/posts/new 2. Switch to markdown mode in edtior. 3. Insert the xss payload in to the editorbody 4. XSS payload will...