1467 matches found
CVE-2024-51417
An issue in System.Linq.Dynamic.Core before 1.6.0 allows remote access to properties on reflection types and static properties/fields...
CVE-2024-51417
CVE-2024-51417 affects System.Linq.Dynamic.Core prior to 1.6.0. It allows remote access to properties on reflection types and static properties/fields. Affects versions before 1.6.0; remediation is to upgrade to version 1.6.0 or later. Connected sources confirm Red Hat, Veracode, GitHub advisorie...
PT-2025-2899 · Unknown · System.Linq.Dynamic.Core
Name of the Vulnerable Software and Affected Versions: System.Linq.Dynamic.Core versions prior to 1.6.0 Description: An issue in System.Linq.Dynamic.Core allows remote access to properties on reflection types and static properties/fields. Recommendations: For versions prior to 1.6.0, update to...
PT-2025-5149 · Unknown · Rollover Tab
Name of the Vulnerable Software and Affected Versions: Rollover Tab versions 1.3.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows stored Cross-site Scripting (XSS). This means an attacker can inject malicious scripts into t...
Wildfly Cross-Site Scripting Vulnerability
Wildfly is a powerful, modular and lightweight application server from Wildfly. A cross-site scripting vulnerability exists in Wildfly that stems from improper neutralization of input in the HAL Console component, which results in that input being output as a web page and served to other users...
CVE-2025-22569
The CVE-2025-22569 entry concerns a Reflected Cross-Site Scripting (XSS) in the Featured Page Widget for WordPress (plugin). The description indicates improper neutralization of input during web page generation, enabling a reflected XSS vulnerability. Affected scope is listed as Featured Page Wid...
PhpSpreadsheet Security Vulnerability
PhpSpreadsheet is an open source PHP library from PHPOffice for reading and writing spreadsheet files. A security vulnerability exists in PhpSpreadsheet that stems from vulnerability to unauthorized reflection-based cross-site scripting attacks...
LinkAce Security Vulnerability
LinkAce is a self-hosted archive of links to your favorite websites by Kevin Woblick Personal Developer. A security vulnerability exists in LinkAce versions prior to 1.15.6 that stems from user input that is not properly cleaned or encoded before being reflected in an HTML response. An attacker...
Misskey Security Vulnerability
Misskey is a permanently free open source federated social media platform from Misskey Open Source. A security vulnerability exists in Misskey version 2024.10.1 and earlier, which stems from an undetected proxy loop that allows a remote participant to perform a self-propagating...
PT-2024-36128 · Unknown · Jules Colle Advanced Options Editor
Name of the Vulnerable Software and Affected Versions: Jules Colle Advanced Options Editor versions n/a through 1.0 Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting (XSS), which allows Reflected XSS. This problem ca...
DEBIAN-CVE-2024-54001
Kanboard is project management software that focuses on the Kanban methodology. HTML can be injected and stored into the application settings section. The fields applicationlanguage, applicationdateformat, applicationtimezone and applicationtimeformat allow arbitrary user input which is reflected...
PT-2024-35000 · Elementor · Ultimate Flipbox Addon For Elementor
Name of the Vulnerable Software and Affected Versions: Ultimate Flipbox Addon for Elementor versions 1.0.3 and earlier Description: The issue affects the Ultimate Flipbox Addon for Elementor, allowing Stored XSS due to improper neutralization of input during web page generation. This is a critica...
PT-2024-38049 · Genetech · Genetec Security Center
Name of the Vulnerable Software and Affected Versions: Genetec Security Center versions prior to 5.12.2.1 Description: A high-severity issue was found in the Genetec Security Center product line, allowing for arbitrary code execution on the system hosting the Web SDK role. This issue is related t...
SUSE CVE-2024-47067
AList is a file list program that supports multiple storages. AList contains a reflected cross-site scripting vulnerability in helper.go. The endpoint /i/:linkname takes in a user-provided value and reflects it back in the response. The endpoint returns an application/xml response, opening it up ...
Fortinet Fortigate TCP Middlebox Reflection (FG-IR-22-073)
The version of Fortigate installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-073 advisory. - An improper verification of source of a communication channel in Fortinet FortiOS with IPS engine version 7.201 through 7.21...