3 matches found
GHSA-8C3X-HQ82-GJCM XXE vulnerability in XSLT parsing in `org.hl7.fhir.publisher`
Impact XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.publisher is being used to within a host where...
WordPress Plugin SEO by Yoast 1.7.3.3 - Blind SQL Injection
WordPress Plugin SEO by Yoast 1.7.3.3 - Blind SQL Injection Title: WordPress SEO by Yoast = 1.7.3.3 - Blind SQL Injection Version/s Tested: 1.7.3.3 Patched Version: 1.7.4 CVSSv2 Base Score: 9 AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C CVSSv2 Temporal Score: 7...
WordPress SEO by Yoast 1.7.3.3 SQL Injection Vulnerability
WordPress SEO by Yoast plugin versions 1.7.3.3 and below suffer from a remote blind SQL injection vulnerability. Title: WordPress SEO by Yoast = 1.7.3.3 - Blind SQL Injection Version/s Tested: 1.7.3.3 Patched Version: 1.7.4 CVSSv2 Base Score: 9 AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C CVSSv2...