5 matches found
CVE-2019-14518
Evolution CMS 2.0.x allows XSS via a description and new category location in a template. NOTE: the vendor states that the behavior is consistent with the "access policy in the administration panel...
April 2, 2024, update for Access 2016 (KB5002525)
None None...
PT-2019-13728 · Evolution Cms · Evolution Cms
Name of the Vulnerable Software and Affected Versions: Evolution CMS versions 2.0.x Description: The issue allows for XSS via a description and new category location in a template. The vendor states that the behavior is consistent with the access policy in the administration panel. Recommendation...
CVE-2018-17847
The html package aka x/net/html through 2018-09-25 in Go mishandles , leading to a "panic: runtime error" index out of range in nodeStack.pop in node.go, called from parser.clearActiveFormattingElements, during an html.Parse call...
UBUNTU-CVE-2014-0157
Cross-site scripting XSS vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard aka Horizon 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template...