9 matches found
EUVD-2022-42502
Malicious code in bioql PyPI...
CVE-2022-3073
Quanos "SCHEMA ST4" example web templates in version Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 or below are prone to JavaScript injection allowing a remote attacker to hijack existing sessions to e.g. other web services in the same environment or execute scripts in the users browser...
CVE-2022-3073
Quanos "SCHEMA ST4" example web templates in version Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 or below are prone to JavaScript injection allowing a remote attacker to hijack existing sessions to e.g. other web services in the same environment or execute scripts in the users browser...
Input validation
Quanos "SCHEMA ST4" example web templates in version Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 or below are prone to JavaScript injection allowing a remote attacker to hijack existing sessions to e.g. other web services in the same environment or execute scripts in the users browser...
CVE-2022-3073 Quaonos Schema ST4 example templates prone to XSS
Quanos "SCHEMA ST4" example web templates in version Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 or below are prone to JavaScript injection allowing a remote attacker to hijack existing sessions to e.g. other web services in the same environment or execute scripts in the users browser...
CVE-2022-3073
The CVE-2022-3073 entry concerns Quanos SCHEMA ST4 example web templates (Bootstrap 2019 v2 through 2022 SP1 v1). Affected component is the *-schema.js script, whose JavaScript injection vulnerability can allow a remote attacker to hijack existing sessions or run scripts in a user’s browser. Docu...
CVE-2022-3073 Quaonos Schema ST4 example templates prone to XSS
Quanos "SCHEMA ST4" example web templates in version Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 or below are prone to JavaScript injection allowing a remote attacker to hijack existing sessions to e.g. other web services in the same environment or execute scripts in the users browser...
Bootstrap 跨站脚本漏洞
Bootstrap is an open source web front-end framework developed using HTML, CSS and JavaScript. A cross-site scripting vulnerability exists in Bootstrap 2019 v2, 2021 v1, 2022 v1, 2022 SP1 v1, and prior versions, which stems from the Quanos "SCHEMA ST4" sample web template being vulnerable to...
PT-2022-20267 · Unknown · Quanos Schema St4
Name of the Vulnerable Software and Affected Versions: Quanos SCHEMA ST4 versions Bootstrap 2019 v2 through 2022 SP1 v1 Description: The issue allows a remote attacker to perform JavaScript injection, potentially hijacking existing sessions to access other web services in the same environment or...