GO-2026-4398 WireGuard Portal v2 has Open Redirect Vulnerability in OAuth Authentication Flow in github.com/h44z/wg-portal

WireGuard Portal v2 has Open Redirect Vulnerability in OAuth Authentication Flow in github.com/h44z/wg-portal. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports fr...

EUVD-2018-6813

Malware in sbrugna...

PT-2025-112: Stored XSS in FreeScout

The vulnerability was identified in FreeScout, version 1.8.182. The discovered vulnerability allows an attacker to inject arbitrary HTML tags and JavaScript into web pages, resulting in execution of malicious code in the victim’s browser. Vulnerability status: Confirmed by vendor Date of...

Oracle PeopleSoft Enterprise PeopleTools 安全漏洞

Oracle PeopleSoft Enterprise PeopleTools is Oracle's technology for providing PeopleSoft applications with the ability to stay in sync with users' needs and expectations. A security vulnerability exists in Oracle PeopleSoft's PeopleSoft Enterprise PeopleTools product that originates in the Portal...

Multiple vulnerabilities in Cybozu Garoon

Overview Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-1782 Cross-site scripting vulnerability in Scheduler CWE-79 - CVE-2021-20753 CyVDB-2029 Improper input validation vulnerability in Workflow CWE-20 - CVE-2021-20754 CyVDB-2071 Viewing restrictions...

CVE-2018-14931

An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. An open redirect exists via a /IntellectMain.jsp?IntellectSystem= URI...

Cross site scripting

An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. Reflected XSS exists with an authenticated session via the Customerid, formName, FrameId, or MODE parameter...

CVE-2018-14931

Polarisft Intellect Core Banking Software Version 9.7.1 contains an open redirect in the Core and Portal modules reachable via /IntellectMain.jsp?IntellectSystem=. The open redirect could allow an attacker to redirect users to a malicious site, enabling phishing or credential-stealing scenarios. ...

CVE-2013-1244

Cross-site scripting XSS vulnerability in the portal module in Cisco WebEx Social allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL in the link field in a post, aka Bug ID CSCue67199...

CVE-2013-1244

The CVE-2013-1244 entry describes an XSS vulnerability in the Cisco WebEx Social portal module. A remote, authenticated user can inject arbitrary web script or HTML via a javascript: URL entered in the link field of a post. The affected component is the portal module of Cisco WebEx Social; the im...

Shadowed Portal Module Character Roster - mod_root Remote File Inclusion

Shadowed Portal Module Character Roster - modroot Remote File Inclusion =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Shadowed Portal 5.7. Roster Module modroot Remote File Include...