10 matches found
EUVD-2022-7374
Malicious code in bioql PyPI...
CVE-2022-43670
An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting XSS attack in the taxonomy management feature...
Cross-Site Scripting (XSS)
Apache Sling - CMS UI is vulnerable to cross-site scripting. The vulnerability exists due to improper neutralization, allowing an attacker to inject and execute malicious HTML and script code through the taxonomy management feature...
Apache Sling App CMS vulnerable to Cross-site Scripting
A Cross-site Scripting vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting XSS attack in the taxonomy management feature...
GHSA-JJ93-4JR5-X45H Apache Sling App CMS vulnerable to Cross-site Scripting
A Cross-site Scripting vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting XSS attack in the taxonomy management feature...
Cross site scripting
An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting XSS attack in the taxonomy management feature...
PT-2022-26997 · Unknown · Sling App Cms
Name of the Vulnerable Software and Affected Versions: Sling App CMS versions 1.1.0 and prior Description: The issue is related to an improper neutralization of input during web page generation, also known as Cross-site Scripting. This may allow an authenticated remote attacker to perform a...
CVE-2022-43670 XSS in Sling CMS Reference App Taxonomy Path
An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting XSS attack in the taxonomy management feature...
CVE-2022-43670 XSS in Sling CMS Reference App Taxonomy Path
An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting XSS attack in the taxonomy management feature...
CVE-2022-43670 XSS in Sling CMS Reference App Taxonomy Path
An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting XSS attack in the taxonomy management feature...