Lucene search
K

48 matches found

Hacker One
Hacker One
added 2018/02/16 10:1 a.m.25 views

Dropbox: Forum posts and private messages are poorly sanitized, allowing execution of arbitrary JavaScript

The reporter informed us of both stored XSS vulnerabilities as well as unsafe css attributes that were allowed in forum posts due to TinyMCE editor. An upgrade to lithium's forum platform appears to have mitigated these vulnerabilities...

3.8AI score
Exploits0
OSV
OSV
added 2017/09/23 8:29 p.m.2 views

UBUNTU-CVE-2017-14726

Before version 4.8.2, WordPress was vulnerable to a cross-site scripting attack via shortcodes in the TinyMCE visual editor...

6.1CVSS7.1AI score0.02657EPSS
Exploits0References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.30 views

TinyBrowser (TinyMCE Editor File browser) 1.41.6 - Multiple Vulnerabilities

No description provided by source. ============================================================================== TinyBrowser TinyMCE Editor File browser 1.41.6 - Multiple Vulnerabilities ============================================================================== Discovered by Aung Khant, YGN...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.63 views

Roundcube Webmail 0.8.0 - Stored XSS

No description provided by source. !/usr/bin/python ''' Exploit Title: Roundcube Webmail Stored XSS. Date: 14/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://roundcube.net Software Link:...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/11/25 12:0 a.m.43 views

Fedora 20 : moodle-2.5.3-1.fc20 (2013-21312)

Latest upstreams, multiple security fixes. Name: CVE-2013-6780 URL: https://vulners.com/cve/CVE-2013-6780 Assigned: 20131112 Reference: https://yuilibrary.com/support/20131111-vulnerability/ Cross-site scripting XSS vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 2.5.0 throu...

4.6CVSS7.7AI score0.42566EPSS
Exploits12References10
Prion
Prion
added 2013/11/01 2:55 a.m.23 views

Code injection

Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor...

4.6CVSS7.3AI score0.42566EPSS
Exploits10References3Affected Software1
OSV
OSV
added 2013/11/01 2:55 a.m.3 views

UBUNTU-CVE-2013-3630

Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor...

4.6CVSS7.5AI score0.42566EPSS
Exploits10References5
Cvelist
Cvelist
added 2013/11/01 1:0 a.m.41 views

CVE-2013-3630

Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor...

6.8AI score0.42566EPSS
Exploits10References3
Rows per page
Query Builder