276 matches found
posthog 跨站脚本漏洞
posthog is a software application. A security vulnerability exists in posthog. No information about this vulnerability is available at this time, so please stay tuned to CNNVD or the vendor's announcement...
CVE-2023-32325 Cross-site scripting in PostHog-js
PostHog-js is a library to interface with the PostHog analytics tool. Versions prior to 1.57.2 have the potential for cross-site scripting. Problem has been patched in 1.57.2. Users are advised to upgrade. Users unable to upgrade should ensure that their Content Security Policy is in place...
CVE-2023-32325 Cross-site scripting in PostHog-js
PostHog-js is a library to interface with the PostHog analytics tool. Versions prior to 1.57.2 have the potential for cross-site scripting. Problem has been patched in 1.57.2. Users are advised to upgrade. Users unable to upgrade should ensure that their Content Security Policy is in place...
CVE-2023-32325 Cross-site scripting in PostHog-js
PostHog-js is a library to interface with the PostHog analytics tool. Versions prior to 1.57.2 have the potential for cross-site scripting. Problem has been patched in 1.57.2. Users are advised to upgrade. Users unable to upgrade should ensure that their Content Security Policy is in place...
CVE-2023-32325
CVE-2023-32325 affects the PostHog-js library. Versions prior to 1.57.2 are vulnerable to cross-site scripting due to improper handling in the library. The issue has been patched in 1.57.2. Users should upgrade to 1.57.2 or later. If upgrading is not possible, enforce a strong Content Security Po...
Potential for cross-site scripting in PostHog-js
Impact Potential for cross-site scripting in posthog-js. Patches The problem has been patched in posthog-js version 1.57.2. Workarounds - This isn't an issue for sites that have a Content Security Policy in place. - Using the HTML tracking snippet on PostHog Cloud always guarantees the latest...
GHSA-8775-5HWV-WR6V Potential for cross-site scripting in PostHog-js
Impact Potential for cross-site scripting in posthog-js. Patches The problem has been patched in posthog-js version 1.57.2. Workarounds - This isn't an issue for sites that have a Content Security Policy in place. - Using the HTML tracking snippet on PostHog Cloud always guarantees the latest...
PT-2023-23731 · Unknown · Posthog-Js
Name of the Vulnerable Software and Affected Versions: PostHog-js versions prior to 1.57.2 Description: The issue concerns a potential for cross-site scripting in the PostHog-js library. Users are advised to upgrade to version 1.57.2 to resolve the issue. For users unable to upgrade, having a...
CVE-2022-0645
Open redirect vulnerability via endpoint authorizeandredirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1...
CVE-2022-0645
Open redirect vulnerability via endpoint authorizeandredirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1...
Open redirect
Open redirect vulnerability via endpoint authorizeandredirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1...
CVE-2022-0645 Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in posthog/posthog
Open redirect vulnerability via endpoint authorizeandredirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1...
CVE-2022-0645 Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in posthog/posthog
Open redirect vulnerability via endpoint authorizeandredirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1...
CVE-2022-0645
CVE-2022-0645 is an open redirect vulnerability in the PostHog application (pre-1.34.1) exposed via the authorize_and_redirect/?redirect= endpoint. Affected component is the redirect handling in posthog/posthog. The Red Hat/NVD entries confirm the issue and point to open redirects leading to pote...
posthog 输入验证错误漏洞
posthog is a software application. A security vulnerability exists in posthog versions prior to 1.34.1, which stems from a redirection issue with authorizeandredirect/?redirect= in the application...
Open redirect vulnerability via endpoint authorize_and_redirect/?redirect=
Description Posthog application is vulnerable to open redirect which can be exploited by adding authorizeandredirect/?redirect=https://evil.com endpoint. Proof of Concept 1.Open the link https://app.posthog.com/login?next=/authorizeandredirect/%3Fredirect%3Dhttps%25253A%25252F%25252Fevil.com...