Lucene search
+L

28 matches found

NVD
NVD
added 2020/11/30 11:15 p.m.32 views

CVE-2020-14193

Affected versions of Automation for Jira - Server allowed remote attackers to read and render files as mustache templates in files inside the WEB-INF/classes & /jira/bin directories via a template injection vulnerability in Jira smart values using mustache partials. The affected versions are thos...

5.5CVSS5.5AI score0.0077EPSS
Exploits0References1
Prion
Prion
added 2020/11/30 11:15 p.m.17 views

Sql injection

Affected versions of Automation for Jira - Server allowed remote attackers to read and render files as mustache templates in files inside the WEB-INF/classes & /jira/bin directories via a template injection vulnerability in Jira smart values using mustache partials. The affected versions are thos...

5.5CVSS5.5AI score0.0077EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/11/30 11:5 p.m.68 views

CVE-2020-14193

CVE-2020-14193 affects Automation for Jira - Server: a template injection in Jira smart values using mustache partials allowed remote attackers to read and render files in WEB-INF/classes and /jira/bin via mustache templates. Affected versions are before 7.1.15. Atlassian/JIRAAUTOSERVER-185 notes...

5.5CVSS5.5AI score0.0077EPSS
Exploits0References1Affected Software1
Atlassian
Atlassian
added 2020/11/26 5:44 a.m.76 views

Template injection vulnerability in Automation for Jira smart values - CVE-2020-14193

Affected versions of Automation for Jira - Server allowed remote attackers to read and render files as mustache templates in files inside the WEB-INF/classes & /jira/bin directories via a template injection vulnerability in Jira smart values using mustache partials. The affected versions are thos...

5.5CVSS5.7AI score0.0077EPSS
Exploits0Affected Software1
NVD
NVD
added 2019/07/23 1:15 p.m.30 views

CVE-2019-1010124

WebAppick WooCommerce Product Feed 2.2.18 and earlier is affected by: Cross Site Scripting XSS. The impact is: XSS to RCE via editing theme files in WordPress. The component is: admin/partials/woo-feed-manage-list.php:63. The attack vector is: Administrator must be logged in...

5.4CVSS5.2AI score0.03213EPSS
Exploits5References3
CNVD
CNVD
added 2019/07/23 12:0 a.m.9 views

WordPress WebAppick WooCommerce Product Feed Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WebAppick WooCommerce Product Feed is a plugin used in WordPress to generate product feed data. A cross-site scripting...

5.4CVSS6.3AI score0.03213EPSS
Exploits5References1
CVE
CVE
added 2019/07/23 12:0 a.m.99 views

CVE-2019-1010124

Summary: CVE-2019-1010124 affects WebAppick WooCommerce Product Feed (versions

5.4CVSS5.3AI score0.03213EPSS
Exploits5References3Affected Software1
NVD
NVD
added 2017/11/09 10:29 p.m.18 views

CVE-2017-16758

Cross-site scripting XSS vulnerability in admin/partials/uif-access-token-display.php in the Ultimate Instagram Feed plugin before 1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "accesstoken" parameter...

4.8CVSS5.2AI score0.01028EPSS
Exploits2References3
Rows per page
Query Builder