10 matches found
EUVD-2025-4744
Malicious code in bioql PyPI...
CVE-2024-11753
The UMich OIDC Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'umichoidcbutton' shortcode in all versions up to, and including, 1.2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11753
The UMich OIDC Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'umichoidcbutton' shortcode in all versions up to, and including, 1.2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11753 UMich OIDC Login <= 1.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The UMich OIDC Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'umichoidcbutton' shortcode in all versions up to, and including, 1.2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11753 UMich OIDC Login <= 1.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The UMich OIDC Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'umichoidcbutton' shortcode in all versions up to, and including, 1.2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11753
CVE-2024-11753 affects the UMich OIDC Login plugin for WordPress. The vulnerability is a Stored XSS in the plugin’s umich_oidc_button shortcode attributes, present in all versions up to and including 1.2.0, caused by insufficient input sanitization and output escaping of user-supplied attributes....
ctms.engin.umich.edu Cross Site Scripting vulnerability OBB-3149043
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
africanamericanstudentproject.bentley.umich.edu Cross Site Scripting vulnerability OBB-2799248
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
kayhan.astro.lsa.umich.edu Cross Site Scripting vulnerability OBB-2262291
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
confluence.engin.umich.edu XSS vulnerability
Open Bug Bounty ID: OBB-610685 Description| Value ---|--- Affected Website:| confluence.engin.umich.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...