10 matches found
EUVD-2022-7374
Malicious code in bioql PyPI...
CVE-2022-43670
An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting XSS attack in the taxonomy management feature...
Cross-Site Scripting (XSS)
Apache Sling - CMS UI is vulnerable to cross-site scripting. The vulnerability exists due to improper neutralization, allowing an attacker to inject and execute malicious HTML and script code through the taxonomy management feature...
GHSA-JJ93-4JR5-X45H Apache Sling App CMS vulnerable to Cross-site Scripting
A Cross-site Scripting vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting XSS attack in the taxonomy management feature...
Apache Sling App CMS vulnerable to Cross-site Scripting
A Cross-site Scripting vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting XSS attack in the taxonomy management feature...
CVE-2022-43670
An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting XSS attack in the taxonomy management feature...
Cross site scripting
An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting XSS attack in the taxonomy management feature...
PT-2022-26997 · Unknown · Sling App Cms
Name of the Vulnerable Software and Affected Versions: Sling App CMS versions 1.1.0 and prior Description: The issue is related to an improper neutralization of input during web page generation, also known as Cross-site Scripting. This may allow an authenticated remote attacker to perform a...
CVE-2022-43670 XSS in Sling CMS Reference App Taxonomy Path
An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting XSS attack in the taxonomy management feature...
CVE-2022-43670 XSS in Sling CMS Reference App Taxonomy Path
An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting XSS attack in the taxonomy management feature...