Lucene search
K

276 matches found

CNNVD
CNNVD
added 2023/05/27 12:0 a.m.4 views

posthog 跨站脚本漏洞

posthog is a software application. A security vulnerability exists in posthog. No information about this vulnerability is available at this time, so please stay tuned to CNNVD or the vendor's announcement...

6.1CVSS6.2AI score0.00429EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/05/26 11:0 p.m.36 views

CVE-2023-32325 Cross-site scripting in PostHog-js

PostHog-js is a library to interface with the PostHog analytics tool. Versions prior to 1.57.2 have the potential for cross-site scripting. Problem has been patched in 1.57.2. Users are advised to upgrade. Users unable to upgrade should ensure that their Content Security Policy is in place...

5.4CVSS6.2AI score0.00429EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/26 11:0 p.m.10 views

CVE-2023-32325 Cross-site scripting in PostHog-js

PostHog-js is a library to interface with the PostHog analytics tool. Versions prior to 1.57.2 have the potential for cross-site scripting. Problem has been patched in 1.57.2. Users are advised to upgrade. Users unable to upgrade should ensure that their Content Security Policy is in place...

5.4CVSS6AI score0.00429EPSS
Exploits0References2
OSV
OSV
added 2023/05/26 11:0 p.m.26 views

CVE-2023-32325 Cross-site scripting in PostHog-js

PostHog-js is a library to interface with the PostHog analytics tool. Versions prior to 1.57.2 have the potential for cross-site scripting. Problem has been patched in 1.57.2. Users are advised to upgrade. Users unable to upgrade should ensure that their Content Security Policy is in place...

5.4CVSS5.9AI score0.00429EPSS
Exploits0References4
CVE
CVE
added 2023/05/26 11:0 p.m.76 views

CVE-2023-32325

CVE-2023-32325 affects the PostHog-js library. Versions prior to 1.57.2 are vulnerable to cross-site scripting due to improper handling in the library. The issue has been patched in 1.57.2. Users should upgrade to 1.57.2 or later. If upgrading is not possible, enforce a strong Content Security Po...

6.1CVSS5.6AI score0.00429EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2023/05/22 8:35 p.m.24 views

Potential for cross-site scripting in PostHog-js

Impact Potential for cross-site scripting in posthog-js. Patches The problem has been patched in posthog-js version 1.57.2. Workarounds - This isn't an issue for sites that have a Content Security Policy in place. - Using the HTML tracking snippet on PostHog Cloud always guarantees the latest...

6.1CVSS6.1AI score0.00429EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2023/05/22 8:35 p.m.29 views

GHSA-8775-5HWV-WR6V Potential for cross-site scripting in PostHog-js

Impact Potential for cross-site scripting in posthog-js. Patches The problem has been patched in posthog-js version 1.57.2. Workarounds - This isn't an issue for sites that have a Content Security Policy in place. - Using the HTML tracking snippet on PostHog Cloud always guarantees the latest...

5.4CVSS5.5AI score0.00429EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/05/22 12:0 a.m.4 views

PT-2023-23731 · Unknown · Posthog-Js

Name of the Vulnerable Software and Affected Versions: PostHog-js versions prior to 1.57.2 Description: The issue concerns a potential for cross-site scripting in the PostHog-js library. Users are advised to upgrade to version 1.57.2 to resolve the issue. For users unable to upgrade, having a...

6.1CVSS5.9AI score0.00429EPSS
Exploits0References9
NVD
NVD
added 2022/04/19 12:15 p.m.20 views

CVE-2022-0645

Open redirect vulnerability via endpoint authorizeandredirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1...

6.1CVSS0.00787EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/04/19 12:15 p.m.6 views

CVE-2022-0645

Open redirect vulnerability via endpoint authorizeandredirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1...

6.1CVSS6.3AI score0.00787EPSS
Exploits1References3
Prion
Prion
added 2022/04/19 12:15 p.m.16 views

Open redirect

Open redirect vulnerability via endpoint authorizeandredirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1...

5.8CVSS6.2AI score0.00787EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/04/19 11:20 a.m.32 views

CVE-2022-0645 Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in posthog/posthog

Open redirect vulnerability via endpoint authorizeandredirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1...

6.1CVSS6.5AI score0.00787EPSS
Exploits1References2
OSV
OSV
added 2022/04/19 11:20 a.m.18 views

CVE-2022-0645 Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in posthog/posthog

Open redirect vulnerability via endpoint authorizeandredirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1...

6.1CVSS6.4AI score0.00787EPSS
Exploits1References4
CVE
CVE
added 2022/04/19 11:20 a.m.72 views

CVE-2022-0645

CVE-2022-0645 is an open redirect vulnerability in the PostHog application (pre-1.34.1) exposed via the authorize_and_redirect/?redirect= endpoint. Affected component is the redirect handling in posthog/posthog. The Red Hat/NVD entries confirm the issue and point to open redirects leading to pote...

6.1CVSS6.3AI score0.00787EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2022/04/19 12:0 a.m.5 views

posthog 输入验证错误漏洞

posthog is a software application. A security vulnerability exists in posthog versions prior to 1.34.1, which stems from a redirection issue with authorizeandredirect/?redirect= in the application...

6.1CVSS6.2AI score0.00787EPSS
Exploits1References3
Huntr
Huntr
added 2022/03/22 7:28 p.m.28 views

Open redirect vulnerability via endpoint authorize_and_redirect/?redirect=

Description Posthog application is vulnerable to open redirect which can be exploited by adding authorizeandredirect/?redirect=https://evil.com endpoint. Proof of Concept 1.Open the link https://app.posthog.com/login?next=/authorizeandredirect/%3Fredirect%3Dhttps%25253A%25252F%25252Fevil.com...

5.8CVSS0.9AI score0.05265EPSS
Exploits3References1
Rows per page
Query Builder