Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.6 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVE-2025-62293 Broken Access Control in SOPlanning

SOPlanning is vulnerable to Broken Access Control in /status endpoint. Due to lack of permission checks in Project Status functionality an authenticated attacker is able to add, edit and delete any status. This issue was fixed in version 1.55...

RUSTSEC-2024-0382 hwloc is unmaintained

hwloc will no longer be maintained as declared by the developer. The project has been archived without an issue...

Infinitietech Taskhub SQL Injection Vulnerability

Infinitietech Taskhub is Infinitietech open source a project management, finance, CRM tools. Infinitietech Taskhub version 2.8.7 SQL injection vulnerability , the vulnerability stems from the component GET Parameter Handler /home/gettaskslist there is an unknown function , through the parameter...

Malicious code in teamcity-project-status (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 027ce175942e9b0812a1f2fceb521eb8f97ddaf80f550e0dbc1691bec2854210 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-6438 Malicious code in teamcity-project-status (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 027ce175942e9b0812a1f2fceb521eb8f97ddaf80f550e0dbc1691bec2854210 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2021-24558

The pspinduplicatepostsaveasnewpost function of the Project Status WordPress plugin through 1.6 does not sanitise, validate or escape the post GET parameter passed to it before outputting it in an error message when the related post does not exist, leading to a reflected XSS issue...

Cross site scripting

The pspinduplicatepostsaveasnewpost function of the Project Status WordPress plugin through 1.6 does not sanitise, validate or escape the post GET parameter passed to it before outputting it in an error message when the related post does not exist, leading to a reflected XSS issue...

WordPress plugin Project Status 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in WordPress plug...

Project Status <= 1.6 - Reflected Cross-Site Scripting (XSS)

The pspinduplicatepostsaveasnewpost function of the plugin does not sanitise, validate or escape the post GET parameter passed to it before outputting it in an error message when the related post does not exist, leading to a reflected XSS issue Open the below URL as any authenticated user...