pimCore 5.4.18 - PHPSESSID cookie Session Exploit

Title: pimCore-5.4.18-skeleton Sensitive Cookie with Improper SameSite Attribute - PHPSESSID cookie Session vulnerability Author: nu11secur1ty Vendor: https://pimcore.com/en Software: https://packagist.org/packages/pimcore/skeleton Reference:...

VeriSign Kontiki Delivery Management System 5.0 - 'action' Cross-Site Scripting

source: https://www.securityfocus.com/bid/31580/info Kontiki Delivery Management System is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...