28 matches found
CVE-2020-14193
Affected versions of Automation for Jira - Server allowed remote attackers to read and render files as mustache templates in files inside the WEB-INF/classes & /jira/bin directories via a template injection vulnerability in Jira smart values using mustache partials. The affected versions are thos...
Sql injection
Affected versions of Automation for Jira - Server allowed remote attackers to read and render files as mustache templates in files inside the WEB-INF/classes & /jira/bin directories via a template injection vulnerability in Jira smart values using mustache partials. The affected versions are thos...
CVE-2020-14193
CVE-2020-14193 affects Automation for Jira - Server: a template injection in Jira smart values using mustache partials allowed remote attackers to read and render files in WEB-INF/classes and /jira/bin via mustache templates. Affected versions are before 7.1.15. Atlassian/JIRAAUTOSERVER-185 notes...
Template injection vulnerability in Automation for Jira smart values - CVE-2020-14193
Affected versions of Automation for Jira - Server allowed remote attackers to read and render files as mustache templates in files inside the WEB-INF/classes & /jira/bin directories via a template injection vulnerability in Jira smart values using mustache partials. The affected versions are thos...
CVE-2019-1010124
WebAppick WooCommerce Product Feed 2.2.18 and earlier is affected by: Cross Site Scripting XSS. The impact is: XSS to RCE via editing theme files in WordPress. The component is: admin/partials/woo-feed-manage-list.php:63. The attack vector is: Administrator must be logged in...
WordPress WebAppick WooCommerce Product Feed Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WebAppick WooCommerce Product Feed is a plugin used in WordPress to generate product feed data. A cross-site scripting...
CVE-2019-1010124
Summary: CVE-2019-1010124 affects WebAppick WooCommerce Product Feed (versions
CVE-2017-16758
Cross-site scripting XSS vulnerability in admin/partials/uif-access-token-display.php in the Ultimate Instagram Feed plugin before 1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "accesstoken" parameter...