Lucene search
K

144 matches found

OSV
OSV
added 2024/02/10 9:15 a.m.2 views

CVE-2023-51492

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in If So Plugin If-So Dynamic Content Personalization allows Stored XSS.This issue affects If-So Dynamic Content Personalization: from n/a through 1.6.3.1...

5.4CVSS7.3AI score
Exploits0References1
Prion
Prion
added 2024/02/10 9:15 a.m.14 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in If So Plugin If-So Dynamic Content Personalization allows Stored XSS.This issue affects If-So Dynamic Content Personalization: from n/a through 1.6.3.1...

4.9CVSS7.2AI score0.00328EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/10 8:23 a.m.11 views

CVE-2023-51492 WordPress If-So Dynamic Content Personalization Plugin <= 1.6.3.1 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in If So Plugin If-So Dynamic Content Personalization allows Stored XSS.This issue affects If-So Dynamic Content Personalization: from n/a through 1.6.3.1...

6.5CVSS6.7AI score0.00328EPSS
Exploits0References1
CVE
CVE
added 2024/02/10 8:23 a.m.63 views

CVE-2023-51492

CVE-2023-51492 is a Stored Cross-Site Scripting (XSS) vulnerability in the If-So Dynamic Content Personalization WordPress plugin. The issue arises from improper input neutralization during web page generation, affecting the plugin’s input handling for authenticated users (Contributor+). Affected...

6.5CVSS6.7AI score0.00328EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/02/10 12:0 a.m.5 views

PT-2024-14151 · Unknown · If-So Dynamic Content Personalization

Name of the Vulnerable Software and Affected Versions: If-So Dynamic Content Personalization versions 1.6.3.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that ...

6.5CVSS6.1AI score0.00328EPSS
Exploits0References6
Prion
Prion
added 2024/01/11 1:15 a.m.21 views

Code injection

The Customer Management Framework CMF for Pimcore adds functionality for customer data management, segmentation, personalization and marketing automation. An authenticated and unauthorized user can access the list of potential duplicate users and see their data. Permissions are enforced when...

4CVSS6.8AI score0.00564EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2024/01/11 12:45 a.m.55 views

CVE-2024-21666

PIMCORE CVE-2024-21666 affects the Pimcore Customer Management Framework (CMF). The issue is an improper access control in the DuplicatesController that allows an authenticated user without required permissions—and in practice, unauthorized users as well—to access the duplicates list endpoint at ...

6.5CVSS6.3AI score0.00564EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2023/12/27 12:0 a.m.8 views

WordPress If-So Dynamic Content Personalization Plugin <= 1.6.3.1 is vulnerable to Cross Site Scripting (XSS)

Software If-So Dynamic Content Personalization Type Plugin Vulnerable versions = 1.6.3.1 Fixed in 1.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-51492 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 370a66ff87d7 Credits Khalid Yusuf...

6.5CVSS6.5AI score0.00328EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/07 12:0 a.m.9 views

PT-2023-9319 · Oracle · Oracle Applications Framework

Name of the Vulnerable Software and Affected Versions: Oracle Applications Framework versions 12.2.3 through 12.2.13 Description: The issue is related to improper authorization in the Personalization component of Oracle Applications Framework, part of the Oracle E-Business Suite. This can allow a...

5.5CVSS7.3AI score0.00313EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/10/21 12:0 a.m.6 views

The vulnerability of the Personalization component of the Oracle Applications Framework, a software platform for enterprise automation systems in the Oracle E-Business Suite, allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability of the Personalization component of the Oracle Applications Framework software, which is part of the Oracle E-Business Suite, exists due to insufficient verification of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read,...

6.4CVSS6.3AI score0.00327EPSS
Exploits0References2Affected Software2
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.30 views

Oracle E-Business Suite (October 2023 CPU)

The versions of Oracle E-Business Suite installed on the remote host are affected a vulnerability as referenced in the October 2023 CPU advisory. - Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Personalization. Supported versions that are affecte...

6.1CVSS6.3AI score0.00327EPSS
Exploits0References3
NVD
NVD
added 2023/10/17 10:15 p.m.21 views

CVE-2023-22076

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Personalization. Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application...

6.1CVSS5.8AI score0.00327EPSS
Exploits0References1
Prion
Prion
added 2023/10/17 10:15 p.m.22 views

Design/Logic Flaw

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Personalization. Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application...

5.8CVSS5.9AI score0.00327EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/17 12:0 a.m.5 views

PT-2023-6269 · Oracle · Oracle Applications Framework +1

Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.3 through 12.2.12 Description: The issue is related to insufficient input validation in the Personalization component of the Oracle Applications Framework product. This allows an unauthenticated attacker...

6.4CVSS5.2AI score0.00327EPSS
Exploits0References4
NVD
NVD
added 2023/10/03 10:15 a.m.12 views

CVE-2023-37891

Cross-Site Request Forgery CSRF vulnerability in OptiMonk OptiMonk: Popups, Personalization & A/B Testing plugin = 2.0.4 versions...

8.8CVSS5.8AI score0.00214EPSS
Exploits0References1
OSV
OSV
added 2023/10/03 10:15 a.m.2 views

CVE-2023-37891

Cross-Site Request Forgery CSRF vulnerability in OptiMonk OptiMonk: Popups, Personalization & A/B Testing plugin = 2.0.4 versions...

8.8CVSS7.3AI score0.00214EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/06 12:0 a.m.4 views

SAMSUNG Mobile device 输入验证错误漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile device SMR Jul-2023 Release 1 version, which stems from an incorrect input validation vulnerability ...

7.8CVSS7.3AI score0.00174EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/06/23 10:50 a.m.26 views

The Power of Browser Fingerprinting: Personalized UX, Fraud Detection, and Secure Logins

The case for browser fingerprinting: personalizing user experience, improving fraud detection, and optimizing login security Have you ever heard of browser fingerprinting? You should! It's an online user identification technique that collects information about a visitor's web browser and its...

6.6AI score
Exploits0
Akamai Blog
Akamai Blog
added 2023/06/22 1:0 p.m.13 views

Navigating a New Reality: Content Personalization at Scale

Prioritizing content personalization can improve user engagement, enhance customer experiences, and boost revenue on a global scale...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/08/24 12:0 a.m.6 views

The vulnerability of the Personalization module of SmartVista CardGen, which exists due to the lack of measures taken to protect the website structure, allows a attacker to execute XSS attacks.

The vulnerability of the Personalization module of SmartVista CardGen exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

6.4CVSS6.2AI score0.00596EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder