7657 matches found
CVE-2019-12442
CVE-2019-12442 affects GitLab Enterprise Edition 11.7–11.11. The issue is a persistent cross-site scripting (XSS) vulnerability on child epics caused by lack of input validation and insufficient output encoding on the epic details page. This is detailed across multiple sources (GitLab advisories,...
CVE-2019-12442
An issue was discovered in GitLab Enterprise Edition 11.7 through 11.11. The epic details page contained a lack of input validation and output encoding issue which resulted in a persistent XSS vulnerability on child epics...
YzmCMS 5.5 Cross Site Scripting
Exploit Title: YzmCMS 5.5 - 'url' Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-03-10 Exploit Author: En Vendor Homepage: https://github.com/yzmcms/yzmcms Software Link: https://github.com/yzmcms/yzmcms Version: V5.5 Category: Web Application Patched Version: unpatched Tested on:...
Intel Releases Security Updates
Intel has released security updates to address vulnerabilities in multiple products. An authenticated attacker with local access could exploit some of these vulnerabilities to gain escalation of privileges. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
CVE-2020-10247
MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is related to app/View/Elements/Events/View/sightingfield.ctp...
CVE-2020-10247
MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is related to app/View/Elements/Events/View/sightingfield.ctp...
Design/Logic Flaw
MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is related to app/View/Elements/Events/View/sightingfield.ctp...
CVE-2020-10247
MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is related to app/View/Elements/Events/View/sightingfield.ctp...
CVE-2020-10247
Vulnerability: CVE-2020-10247 affects MISP 2.4.122, where a Persistent XSS exists in the sighting popover tool (file app/View/Elements/Events/View/sighting_field.ctp). Impact: can store/trigger XSS in user-visible popovers. Root cause: persistent cross-site scripting in the sighting_field.ctp com...
PT-2020-12003 · Misp · Misp
Name of the Vulnerable Software and Affected Versions: MISP version 2.4.122 Description: The issue is related to a Persistent XSS in the sighting popover tool, specifically in the app/View/Elements/Events/View/sighting field.ctp file. Recommendations: For MISP version 2.4.122, consider disabling...
Intel Optane DC Persistent Memory Module Management Software - Lenovo Support US
No description provided...
Intel Optane DC Persistent Memory Module Management Software - Lenovo Support US
Lenovo Security Advisory: LEN-30556 Potential Impact: Escalation of privilege Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2020-0546 Summary Description: Intel reported potential security vulnerabilities in Intel Optane DC Persistent Memory Module Management Software which...
Alfresco 5.2.4 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software Link:...
Alfresco 5.2.4 - Persistent Cross-Site Scripting
Alfresco 5.2.4 - Persistent Cross-Site Scripting Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Date: 2020-03-02 Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software...
Alfresco 5.2.4 - Persistent Cross-Site Scripting
Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Date: 2020-03-02 Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software Link: https://www.alfresco.com/ecm-software Versio...
CVE-2020-9019
The WPJobBoard plugin 5.5.3 for WordPress allows Persistent XSS via the Add Job form, as demonstrated by title and Description...
CVE-2020-9019
The WPJobBoard plugin 5.5.3 for WordPress allows Persistent XSS via the Add Job form, as demonstrated by title and Description...
Design/Logic Flaw
The WPJobBoard plugin 5.5.3 for WordPress allows Persistent XSS via the Add Job form, as demonstrated by title and Description...
CVE-2020-9019
The WPJobBoard plugin 5.5.3 for WordPress allows Persistent XSS via the Add Job form, as demonstrated by title and Description...
CVE-2020-9019
CVE-2020-9019 concerns the WordPress WPJobBoard plugin version 5.5.3, which permits a persistent cross-site scripting (XSS) attack through the Add Job form in the frontend. The vulnerability targets fields like Title and Description, allowing injected script payloads to persist and potentially ex...