606 matches found
719component (>=1.1.1 <=1.1.6), @21st-night/analytics-web (>=0.65.0 <=0.79.0) +903 more potentially affected by CVE-2024-34342 via react-pdf (>=0.0.10 <=7.7.1)
react-pdf NPM version =0.0.10, =1.1.1, =0.65.0, =0.67.0, =0.53.0, =0.53.0, =0.53.0, =0.53.0, =0.34.0, =0.49.0, =0.53.0, =0.34.0, =0.53.0, =0.34.0, =0.53.0, =0.34.0, =0.48.8 and more Source cves: CVE-2024-34342 Source advisory: OSV:GHSA-87HQ-Q4GP-9WR4...
PT-2024-30030 · Bluenet Technology · Bluenet Technology Clinical Browsing System
Name of the Vulnerable Software and Affected Versions: BlueNet Technology Clinical Browsing System version 1.2.1 Description: A critical issue has been found, affecting an unknown part of the file /xds/deleteStudy.php. The manipulation of the documentUniqueId argument leads to SQL injection. It i...
studyabroad.webs.upv.es Cross Site Scripting vulnerability OBB-3880143
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
study-in-spain.es Cross Site Scripting vulnerability OBB-3873225
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
How a $10B Enterprise Customer Drastically Increased their SaaS Security Posture with 201% ROI by Using SSPM
SaaS applications are the darlings of the software world. They enable work from anywhere, facilitate collaboration, and offer a cost-effective alternative to owning the software outright. At the same time, the very features that make SaaS apps so embraced – access from anywhere and collaboration ...
CVE-2023-7238
An XSS payload can be uploaded as a DICOM study and when a user tries to view the infected study inside the Osimis WebViewer the XSS vulnerability gets triggered. If exploited, the attacker will be able to execute arbitrary JavaScript code inside the victim's browser...
CVE-2023-7238
The CVE-2023-7238 issue affects the Osimis WebViewer (Orthanc Osimis DICOM Web Viewer). The vulnerability is a Cross-site Scripting (XSS) flaw where an attacker can upload a malicious DICOM study and trigger JavaScript execution when a user views it in the WebViewer. Affected product component is...
PT-2024-15244 · Osimis · Osimis Webviewer
Name of the Vulnerable Software and Affected Versions: Osimis WebViewer affected versions not specified Description: An XSS payload can be uploaded as a DICOM study and when a user tries to view the infected study inside the Osimis WebViewer, the issue gets triggered. If exploited, the attacker wi...
Code Written with AI Assistants Is Less Secure
Interesting research: "Do Users Write More Insecure Code with AI Assistants?": Abstract: We conduct the first large-scale user study examining how users interact with an AI Code assistant to solve a variety of security related tasks across different programming languages. Overall, we find that...
GAO Study Reveals: Government Faces Challenges with Continuous Monitoring
Learn how government agencies can meet the GAO’s recommended cloud security best practices by establishing continuous risk and compliance monitoring in the cloud...
PT-2023-27296 · Softneta · Meddream Pacs
Name of the Vulnerable Software and Affected Versions: Softneta MedDream PACS affected versions not specified Description: The issue concerns a lack of authentication check in the affected product, leading to the performance of dangerous functionality. This could result in unauthenticated remote...
CVE-2023-36317
Cross Site Scripting XSS vulnerability in sourcecodester Student Study Center Desk Management System 1.0 allows attackers to run arbitrary code via crafted GET request to web application URL...
Cross site scripting
Cross Site Scripting XSS vulnerability in sourcecodester Student Study Center Desk Management System 1.0 allows attackers to run arbitrary code via crafted GET request to web application URL...
Student Study Center Desk Management System Cross-Site Scripting Vulnerability
Student Study Center Desk Management System is a student study center desk management system. A security vulnerability exists in Student Study Center Desk Management System version 1.0. An attacker can exploit this vulnerability by sending a specially crafted GET request to run arbitrary code...
CVE-2023-36317
CVE-2023-36317 affects sourcecodester Student Study Center Desk Management System 1.0. It is a Cross Site Scripting (XSS) vulnerability exploitable via a crafted GET request to the web application URL that could allow arbitrary code execution in the user’s browser/session. Documents do not provid...
study-in-spain.es Cross Site Scripting vulnerability OBB-3606306
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Cynomi Study Reveals Number of MSPs Providing Virtual CISO Services Will Grow Fivefold By Next Year
By Owais Sultan. “The State of the Virtual CISO 2023” report, conducted by Global Surveys on behalf of Cynomi, reveals critical insights into MSPs and MSSPs’ recent shift towards vCISO services. This is a post from HackRead.com. Read the original post: Cynomi Study Reveals Number of MSPs Providing...