8 matches found
CVE-2025-62712 JumpServer Connection Token Leak Vulnerability
JumpServer is an open source bastion host and an operation and maintenance security audit system. In JumpServer versions prior to v3.10.20-lts and v4.10.11-lts, an authenticated, non-privileged user can retrieve connection tokens belonging to other users via the super-connection API endpoint...
EUVD-2024-46390
Malicious code in bioql PyPI...
CVE-2022-3731
A vulnerability has been found in seccome Ehoney and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/v1/attack/token. The manipulation of the argument Payload leads to sql injection. The attack can be launched remotely. The identifier VDB-212413...
CVE-2015-2197
Cross-site scripting XSS vulnerability in the Entity API module before 7.x-1.6 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a field label in the Token API...
CVE-2022-3731
A vulnerability has been found in seccome Ehoney and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/v1/attack/token. The manipulation of the argument Payload leads to sql injection. The attack can be launched remotely. The identifier VDB-212413...
Fedora 20 : drupal7-entity-1.6-1.fc20 (2015-2826)
7.x-1.6 See SA-CONTRIB-2015-053 - Entity API - Cross Site Scripting XSS Changes since 7.x-1.5 : - by klausi: Sanitize field labels before passing them to the Token API. - Issue 2264079 by Amitaibu, fago: Fixed $wrapper-access might be wrong for single entity reference field. - Issue 2039601 by...
CVE-2015-2197
Cross-site scripting XSS vulnerability in the Entity API module before 7.x-1.6 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a field label in the Token API...
Cross site scripting
Cross-site scripting XSS vulnerability in the Entity API module before 7.x-1.6 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a field label in the Token API...