20 matches found
EUVD-2025-2770
Malicious code in bioql PyPI...
EUVD-2025-2771
Malicious code in bioql PyPI...
๐ Optimizely Episerver Content Management System 11.x / 12.x Cross Site Scripting
Optimizely Episerver Content Management System versions prior to 11.21.4 and prior to 12.22.1 suffer from multiple persistent cross site scripting vulnerabilities. Confidentiality class: Internal & Partner SEC Consult Vulnerability Lab Security Advisory...
Optimizely Episerver Content Management System ๅฎๅ จๆผๆด
Optimizely Episerver Content Management System is an enterprise-class content management system from Optimizely, Inc. A security vulnerability exists in the Optimizely Episerver Content Management System that stems from stored cross-site scripting that allows an authenticated attacker to execute...
Optimizely Episerver Content Management System ๅฎๅ จๆผๆด
Optimizely Episerver Content Management System is an enterprise-class content management system from Optimizely, Inc. A security vulnerability exists in the Optimizely Episerver Content Management System that stems from stored cross-site scripting that allows an authenticated attacker to execute...
Optimizely Episerver Content Management System ๅฎๅ จๆผๆด
Optimizely Episerver Content Management System is an enterprise-class content management system from Optimizely, Inc. A security vulnerability exists in the Optimizely Episerver Content Management System that stems from stored cross-site scripting that allows an authenticated attacker to execute...
CVE-2025-22389
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity vulnerability exists in the CMS, where the application does not properly validate uploaded files. This allows the upload of potentially malicious file types, including .docm .html. When accessed by...
CVE-2025-22390
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity vulnerability exists in the CMS due to insufficient enforcement of password complexity requirements. The application permits users to set passwords with a minimum length of 6 characters, lacking adequate...
CVE-2025-22389
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity vulnerability exists in the CMS, where the application does not properly validate uploaded files. This allows the upload of potentially malicious file types, including .docm .html. When accessed by...
CVE-2025-22388
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.22.0. A high-severity Stored Cross-Site Scripting XSS vulnerability exists in the CMS, allowing malicious actors to inject and execute arbitrary JavaScript code, potentially compromising user data, escalating privileges, or...
CVE-2025-22389
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity vulnerability exists in the CMS, where the application does not properly validate uploaded files. This allows the upload of potentially malicious file types, including .docm .html. When accessed by...
CVE-2025-22390
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity vulnerability exists in the CMS due to insufficient enforcement of password complexity requirements. The application permits users to set passwords with a minimum length of 6 characters, lacking adequate...
CVE-2025-22389
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity vulnerability exists in the CMS, where the application does not properly validate uploaded files. This allows the upload of potentially malicious file types, including .docm .html. When accessed by...
Optimizely EPiServer.CMS.Core ๅฎๅ จๆผๆด
Optimizely EPiServer.CMS.Core is a content management system core from Optimizely, Inc. A security vulnerability exists in Optimizely EPiServer.CMS.Core versions prior to 12.32.0 that stems from insufficient complexity of the required password...
CVE-2025-22390
Optimizely EPiServer.CMS.Core prior to 12.32.0 contains a password- policy weakness where passwords as short as 6 characters may be set due to insufficient complexity enforcement. This vulnerability could enable offline cracking or password spraying in theory, given weak password requirements. Af...
CVE-2025-22388
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.22.0. A high-severity Stored Cross-Site Scripting XSS vulnerability exists in the CMS, allowing malicious actors to inject and execute arbitrary JavaScript code, potentially compromising user data, escalating privileges, or...
CVE-2025-22388
Optimizely EPiServer.CMS.Core prior to version 12.22.0 contains a Stored Cross-Site Scripting (XSS) vulnerability in the CMS, affecting areas such as content editing, link management, and file uploads. The issue allows an attacker to inject and execute arbitrary JavaScript, which could compromise...
Optimizely EPiServer.CMS.Core ๅฎๅ จๆผๆด
Optimizely EPiServer.CMS.Core is a content management system core from Optimizely, Inc. A security vulnerability exists in Optimizely EPiServer.CMS.Core versions prior to 12.32.0 that stems from not properly validating uploaded files...
CVE-2025-22390
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity vulnerability exists in the CMS due to insufficient enforcement of password complexity requirements. The application permits users to set passwords with a minimum length of 6 characters, lacking adequate...
CVE-2025-22389
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity vulnerability exists in the CMS, where the application does not properly validate uploaded files. This allows the upload of potentially malicious file types, including .docm .html. When accessed by...