10 matches found
EUVD-2020-3439
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-11062
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS occur in Dropdown endpoints due to an invalid Content-Type. This has been fixed in version 9.4.6...
CVE-2020-11062
In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS occur in Dropdown endpoints due to an invalid Content-Type. This has been fixed in version 9.4.6...
FreeBSD : glpi -- Reflexive XSS in Dropdown menus (07aecafa-3b12-11eb-af2a-080027dbe4b7)
MITRE Corporation reports : In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS occur in Dropdown endpoints due to an invalid Content-Type. This has been fixed in version 9.4.6. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from t...
CVE-2020-11062
In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS occur in Dropdown endpoints due to an invalid Content-Type. This has been fixed in version 9.4.6...
CVE-2020-11062
In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS occur in Dropdown endpoints due to an invalid Content-Type. This has been fixed in version 9.4.6...
glpi -- Reflexive XSS in Dropdown menus
MITRE Corporation reports: In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS occur in Dropdown endpoints due to an invalid Content-Type. This has been fixed in version 9.4.6...
(Plone): Reflexive HTTP header injection
It was discovered that Plone, included as a part of luci, did not properly sanitize HTTP headers provided within certain URL requests. A remote attacker could use a specially crafted URL that, when processed, would cause the injected HTTP headers to be returned as a part of the Plone HTTP respons...
TYPO3后端用户管理反射型跨站脚本漏洞
TYPO3是一款基于PHP4/PHP5+MYsql的内容管理系统。 TYPO3后端用户管理Backend User Administration存在反射型跨站脚本漏洞,允许远程攻击者利用漏洞构建恶意URI,诱使用户解析,当恶意数据被查看时可获取敏感信息或者劫持用户会话。 0 TYPO3 6.0.0 TYPO3 6.0.11 TYPO3 6.1.0 TYPO3 6.1.6 TYPO3 6.2 厂商补丁: TYPO3 ----- TYPO3 4.5.32, 4.7.17, 6.0.12, 6.1.7已经修复该漏洞,请到厂商的主页下载: http://typo3.org/...
Why Bob Maley's Firing is Bad for All of Us
The news that Pennsylvania CISO Bob Maley lost his job for publicly discussing a security incident at last week’s RSA Conference really shouldn’t come as a surprise, but it does. Even for a government agency, this kind of lack of understanding of what actually matters is appalling and it is a...