Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:54 a.m.5 views

CVE-2024-4892

The BuddyPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘displayname’ parameter in versions up to, and including, 12.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level permissio...

6.4CVSS6AI score0.00322EPSS
Exploits0References1
OSV
OSV
added 2021/09/13 7:15 p.m.3 views

UBUNTU-CVE-2021-40823

A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were originally sent by affected Matrix clients...

5.9CVSS6.2AI score0.00662EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/09/13 12:0 a.m.24 views

Matrix 加密问题漏洞

Matrix is an ambitious new ecosystem for open federated instant messaging and VoIP. A cryptographic issue vulnerability exists in versions of Matrix Javascript SDK prior to 12.4.1, which stems from a logic error in a device's room key sharing functionality that results in insufficient...

5.9CVSS5.9AI score0.00662EPSS
Exploits0References3
OSV
OSV
added 2016/04/22 6:59 p.m.4 views

CVE-2016-1918

Cross-site scripting XSS vulnerability in the Management Console in BlackBerry Enterprise Server BES 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-1917...

6.1CVSS5.9AI score0.01018EPSS
Exploits0References2
OSV
OSV
added 2016/04/22 6:59 p.m.6 views

CVE-2016-1917

Cross-site scripting XSS vulnerability in the Management Console in BlackBerry Enterprise Server BES 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-1918...

6.1CVSS5.9AI score0.01018EPSS
Exploits0References2
Rows per page
Query Builder