Hitachi Vantara Pentaho Business Analytics Server 代码注入漏洞

Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration, and business analytics platform from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server versions prior to 9.4.0.1, which stems from a...

IBM Net.Data db2www CGI interpreter fails to properly validate requested macro filenames

Overview IBM Net.Data fails to properly validate user input passed to the db2www CGI interpreter, which could allow an attacker to mount a cross-site scripting attack against a vulnerable system. Description IBM Net.Data is a scripting language used to create web applications. Net.Data macros are...

Security Bulletin MS01-055

---------------------------------------------------------------------- Title: Cookie Data in IE Can Be Exposed or Altered Through Script Injection Date: 08 November 2001 Software: Internet Explorer Impact: Exposure and altering of data in cookies Max Risk: High Bulletin: MS01-055 Microsoft...

Minor IE vulnerability: about: URLs

Zone spoofing? Oh yes, that reminds me. Here's another one. Affected: Internet Explorer under Windows, up to version 6 Risk: Low Workaround: Disable scripting in the Internet Zone Problem: If an unknown 'about:' name is used, IE echos the string exactly to the page. So 'about:foo' results in an...