IBM Cognos Controller 安全漏洞

IBM Cognos Controller is a suite of business intelligence and planning solutions from International Business Machines IBM. The product features process automation, financial audit control, and the creation and management of financial reports. A code execution vulnerability exists in IBM Cognos...

The vulnerability in the virtual learning environment Moodle arises from the lack of measures taken to protect the structure of web pages. This allows attackers to carry out XSS attacks.

The vulnerability in the virtual learning environment Moodle is related to insufficient cleaning of user data during search operations on blogs. Exploiting this vulnerability can allow a malicious actor to carry out XSS attacks remotely...

The vulnerability of the Grafana data visualization web tool, related to insufficient cleaning of user data, allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability of the Grafana data visualization web tool is related to insufficient cleaning of user data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting XSS attacks remotely...

Mozilla Firefox 竞争条件问题漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox, which stems from insufficient cleaning of user-supplied data, and can be exploited by remote attackers to execute arbitrary HTML and script code in a...

Elastic Kibana 输入验证错误漏洞

Elastic Kibana is an application from the Dutch company Elastic. A free and open user interface that enables you to visualize Elasticsearch data and lets you navigate through the Elastic Stack. Elastic Kibana suffers from an input validation error vulnerability that stems from incorrect cleaning ...

WordPress Gtranslate Cross-Site Scripting Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress Gtranslate versions prior to 2.8.52, which stems from...

The vulnerability of Microsoft Exchange Server servers arises from insufficient cleaning of data provided by users. This allows attackers to execute cross-site scripting attacks and execute arbitrary code in the context of the current user.

The vulnerability of Microsoft Exchange Server lies in insufficient cleaning of data provided by users. Exploiting this vulnerability allows a malicious actor to remotely execute cross-site scripting attacks and execute arbitrary code in the context of the current user, by sending a specially...