Lucene search
+L

9 matches found

OSV
OSV
added 2026/05/15 3:27 p.m.12 views

CVE-2026-35194 Apache Flink: Remote code execution via SQL injection in code generation

Code injection in SQL code generation in Apache Flink 1.15.0 through 1.20.x and 2.0.0 through 2.x allows authenticated users with query submission privileges to execute arbitrary code on TaskManagers via maliciously crafted SQL queries. The vulnerability affects JSON functions 1.15.0+ and LIKE...

8.1CVSS6.4AI score0.00381EPSS
Exploits0References4
OSV
OSV
added 2023/07/21 8:24 p.m.18 views

GHSA-FMQQ-25X9-C6HM Indico vulnerable to Cross-Site-Scripting via confirmation prompts

Impact There is a Cross-Site-Scripting vulnerability in confirmation prompts commonly used when deleting content from Indico. Exploitation requires someone with at least submission privileges such as a speaker and then someone else to attempt to delete this content. Considering that event...

5.4CVSS5.3AI score0.00433EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2023/07/21 8:24 p.m.28 views

Indico vulnerable to Cross-Site-Scripting via confirmation prompts

Impact There is a Cross-Site-Scripting vulnerability in confirmation prompts commonly used when deleting content from Indico. Exploitation requires someone with at least submission privileges such as a speaker and then someone else to attempt to delete this content. Considering that event...

5.4CVSS6.7AI score0.00433EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2023/07/21 7:15 p.m.7 views

PYSEC-2023-129

Indico is an open source a general-purpose, web based event management tool. There is a Cross-Site-Scripting vulnerability in confirmation prompts commonly used when deleting content from Indico. Exploitation requires someone with at least submission privileges such as a speaker and then someone...

5.4CVSS6.8AI score0.00433EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2023/07/21 7:15 p.m.12 views

Cross site scripting

Indico is an open source a general-purpose, web based event management tool. There is a Cross-Site-Scripting vulnerability in confirmation prompts commonly used when deleting content from Indico. Exploitation requires someone with at least submission privileges such as a speaker and then someone...

4.9CVSS5.4AI score0.00433EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/07/21 7:15 p.m.30 views

PYSEC-2023-129

Indico is an open source a general-purpose, web based event management tool. There is a Cross-Site-Scripting vulnerability in confirmation prompts commonly used when deleting content from Indico. Exploitation requires someone with at least submission privileges such as a speaker and then someone...

5.4CVSS6.8AI score0.00433EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/07/21 6:14 p.m.15 views

CVE-2023-37901 Cross-Site-Scripting via confirmation prompts

Indico is an open source a general-purpose, web based event management tool. There is a Cross-Site-Scripting vulnerability in confirmation prompts commonly used when deleting content from Indico. Exploitation requires someone with at least submission privileges such as a speaker and then someone...

5.4CVSS6.7AI score0.00433EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/07/21 6:14 p.m.31 views

CVE-2023-37901 Cross-Site-Scripting via confirmation prompts

Indico is an open source a general-purpose, web based event management tool. There is a Cross-Site-Scripting vulnerability in confirmation prompts commonly used when deleting content from Indico. Exploitation requires someone with at least submission privileges such as a speaker and then someone...

5.4CVSS5.7AI score0.00433EPSS
Exploits0References4
OSV
OSV
added 2023/07/21 6:14 p.m.23 views

CVE-2023-37901 Cross-Site-Scripting via confirmation prompts

Indico is an open source a general-purpose, web based event management tool. There is a Cross-Site-Scripting vulnerability in confirmation prompts commonly used when deleting content from Indico. Exploitation requires someone with at least submission privileges such as a speaker and then someone...

5.4CVSS5.4AI score0.00433EPSS
Exploits0References6
Rows per page
Query Builder