Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:41 a.m.8 views

CVE-2024-1525

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. Under some specialized conditions, an LDAP user may be able to reset their password using their...

5.3CVSS6.8AI score0.00453EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/02/22 12:15 a.m.6 views

CVE-2024-1525

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. Under some specialized conditions, an LDAP user may be able to reset their password using their...

5.3CVSS5.7AI score0.00453EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/02/22 12:15 a.m.1 views

UBUNTU-CVE-2024-1525

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. Under some specialized conditions, an LDAP user may be able to reset their password using their...

5.3CVSS6AI score0.00453EPSS
Exploits0References3
Prion
Prion
added 2024/02/22 12:15 a.m.24 views

Default credentials

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. Under some specialized conditions, an LDAP user may be able to reset their password using their...

2.1CVSS7.1AI score0.00453EPSS
Exploits0References1Affected Software1
Check Point Advisories
Check Point Advisories
added 2022/11/10 12:0 a.m.4 views

Zoho ManageEngine ServiceDesk Cross-Site Scripting (CVE-2021-46065)

A cross-site scripting vulnerability exists in Zoho ManageEngine ServiceDesk. The vulnerability is due to improper sanitization of secondary email field parameter...

3.5CVSS1.8AI score0.91737EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2022/08/05 4:15 p.m.8 views

CVE-2022-2326

An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible to gain access to a private project through an email invite by using other user's email address as an...

8.1CVSS5.7AI score0.00705EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2022/07/29 12:0 a.m.26 views

GitLab CE/EE 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab CE/EE that originates from an email...

8.1CVSS7.7AI score0.00705EPSS
Exploits0References5
OSV
OSV
added 2022/01/27 4:15 p.m.5 views

CVE-2021-46065

A Cross-site scripting XSS vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code...

4.8CVSS5.9AI score0.91737EPSS
Exploits1References2
NVD
NVD
added 2022/01/27 4:15 p.m.15 views

CVE-2021-46065

A Cross-site scripting XSS vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code...

4.8CVSS0.91737EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/01/27 4:15 p.m.6 views

CVE-2021-46065

A Cross-site scripting XSS vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code...

4.8CVSS5.6AI score0.91737EPSS
Exploits1References3
Prion
Prion
added 2022/01/27 4:15 p.m.18 views

Cross site scripting

A Cross-site scripting XSS vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code...

3.5CVSS4.9AI score0.91737EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/01/27 3:29 p.m.22 views

CVE-2021-46065

A Cross-site scripting XSS vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code...

5.3AI score0.91737EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/01/27 12:0 a.m.5 views

ZOHO ManageEngine ServiceDesk Plus 跨站脚本漏洞

ZOHO ManageEngine ServiceDesk Plus SDP is the United States ZhuoHao ZOHO company's set of ITIL-based architecture of IT service management software. The software integrates Incident Management, Problem Management, Asset Management IT Project Management, Procurement and Contract Management and oth...

4.8CVSS5.2AI score0.91737EPSS
Exploits1References2
Hacker One
Hacker One
added 2017/04/24 10:33 a.m.21 views

Weblate: CSRF - Changing the full name / adding a secondary email identity of an account via a GET request

SUMMARY ---------- Hello, I have found a CSRF request via the activation email that will change the full name of the targeted account. This vulnerability exists if the attacker registers a new account and then gives his activation link to someone else. If the victim uses the received activation...

1.4AI score
Exploits0
Packet Storm
Packet Storm
added 2012/09/15 12:0 a.m.19 views

LinkedIn Clickjacking / Open Redirection

Linkedin's Clickjacking & Open Url Redirection Vulnerabilities Vulnerability Title: Secondary Email Addition & Deletion Via Click Jacking in Linkedin Website Link: Tried on Indian version Found on: 06/08/2012 Author: Ajay Singh Negi Version: All language versions would be vulnerable Tested on:...

7.4AI score
Exploits0
Rows per page
Query Builder