Wildfly 跨站脚本漏洞

Wildfly is a powerful, modular and lightweight application server from Wildfly. A cross-site scripting vulnerability exists in Wildfly that stems from improper neutralization of input in the HAL Console component, which results in that input being output as a web page and served to other users...

CVE-2024-36423 GHSL-2023-246: Flowise xss in /api/v1/public-chatflows/id

Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, a reflected cross-site scripting vulnerability occurs in the /api/v1/public-chatflows/id endpoint. If the default configuration is used unauthenticated, an attacker may be able to...

PT-2024-23260 · Sap Se · Sap Business Connector

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue allows a high privilege attacker to load an exploitable payload onto the Resource Settings page, which is then stored and reflected whenever a...

Cross Site Scripting (XSS)

malojaserver is vulnerable to Cross Site Scripting XSS attack. The vulnerability arises due to the error page reflecting the missing path to the user. An attacker can execute arbitrary JavaScript in the malojaserver's client context...