IBM InfoSphere Information Server Cross-Site Scripting Vulnerability
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines (IBM). The platform can be used to integrate data information obtained from various sources. A cross-site scripting vulnerability exists in IBM InfoSphere Information Server version 11.7,...
PT-2022-24624 · Unknown · Common User Interface
Name of the Vulnerable Software and Affected Versions: Common User Interface Component affected versions not specified Description: The issue is related to some UI elements of the Common User Interface Component not properly sanitizing output, making them prone to output arbitrary HTML, which can...
BlueSpice Cross-Site Scripting Vulnerability
BlueSpice is free Wiki software from BlueSpice based on the MediaWiki engine. BlueSpice suffers from a cross-site scripting vulnerability that stems from the fact that some of the UI elements of its Common User Interface component are not properly sanitized for output, and are therefore prone to...
The vulnerability of Microsoft SharePoint Foundation, SharePoint Server, and SharePoint Enterprise Server lies in information representation errors in the user interface, which allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft SharePoint Foundation, SharePoint Server, and SharePoint Enterprise Server relates to information display errors in the user interface. Exploiting this vulnerability can allow an attacker to perform spear-phishing attacks remotely...
CVE-2022-34317
IBM CICS TX 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229459...
Liferay Portal and Liferay DXP Security Vulnerability
Liferay Portal and Liferay DXP are both products of Liferay Inc. Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...
PT-2022-22124 · Ibm · Ibm Cics Tx
Name of the Vulnerable Software and Affected Versions: IBM CICS TX version 11.1 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. Recommendations: Fo...
PT-2022-22126 · Ibm · Ibm Cics Tx
Name of the Vulnerable Software and Affected Versions: IBM CICS TX version 11.1 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. Recommendations: Fo...
CVE-2022-40750
IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
CVE-2022-36776
IBM Cloud Pak for Security CP4S 1.10.0.0 79and 1.10.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...
IBM Cloud Pak for Security Cross-Site Scripting Vulnerability
IBM Cloud Pak for Security is an application from International Business Machines (IBM), Inc., an open security platform that connects to your existing data sources to generate deeper insights and enables you to take automated actions faster. IBM Cloud Pak for Security has a security vulnerability th...
PT-2022-23617 · Ibm · Ibm Cloud Pak For Security
Name of the Vulnerable Software and Affected Versions: IBM Cloud Pak for Security CP4S versions 1.10.0.0 through 1.10.2.0 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure...
PT-2022-25510 · Ibm · Ibm Websphere Application Server
Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server versions 8.5 through 9.0 Description: This issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a...
Fedora: Security Advisory for php-oojs-oojs-ui (FEDORA-2022-ea159a2ec4)
The remote host is missing an update for the...
Debian: Security Advisory (DLA-3183-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DSA-5274-1)
The remote host is missing an update for the Debian...
UBUNTU-CVE-2022-3448
Use after free in Permissions API in Google Chrome prior to 106.0.5249.119 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
[SECURITY] [DLA 3183-1] webkit2gtk security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3183-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort November 09, 2022 https://wiki.debian.org/LTS -...
PT-2022-24954 · Vela Ui +2 · Vela Ui +3
Name of the Vulnerable Software and Affected Versions: Vela Server versions prior to 0.16.0 Vela Worker versions prior to 0.16.0 Vela UI versions prior to 0.17.0 Description: The issue concerns default configurations in Vela that allow exploitation and container breakouts. Specifically, running...
Debian dla-3183 : gir1.2-javascriptcoregtk-4.0 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3183 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3183-1 [email protected]...