7 matches found
Duplicate Advisory: Reflected XSS in go-httpbin due to unrestricted client control over Content-Type
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-528q-4pgm-wvg2. This link is maintained to preserve external references. Original Description: A cross-site scripting (XSS) vulnerability in mccutchen httpbin v2.17.1 allows attackers to execute arbitrary web scrip...
CVE-2025-45286
A cross-site scripting (XSS) vulnerability in mccutchen httpbin v2.17.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2025-45286
CVE-2025-45286: A cross-site scripting (XSS) vulnerability affects the Go-based web framework/application mccutchen httpbin version 2.17.1. The issue allows an attacker to inject arbitrary web scripts or HTML via a crafted payload. According to the CVE metadata, the attack vector is network-bas...
Security Bulletin: Vulnerability in Apache Log4j may affect IBM Spectrum Archive Enterprise Edition (CVE-2021-4104)
Summary: A vulnerability in Apache Log4j v1 could result in remote code execution. IBM Spectrum Archive Enterprise Edition includes the IBM Spectrum Protect Backup-Archive Client which installs the vulnerable Log4j v1 files. The below fix package includes Apache Log4j 2.17.1. Vulnerability Details...
Security Bulletin: IBM TRIRIGA Connector for Esri ArcGIS Indoors a component of IBM TRIRIGA Portfolio Data Manager is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105 and CVE-2021-45046)
Summary: IBM TRIRIGA Connector for Esri ArcGIS Indoors is vulnerable to a denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105 and CVE-2021-45046). Apache Log4j is used by IBM TRIRIGA Connector for Esri ArcGIS Indoors as part of its logging infrastructure. This bulletin...
Security Bulletin: Vulnerability in Apache Log4j (CVE-2021-45105) affects the IBM Performance Management product
Summary: The APM v8.1.4.0 Server installs an Online Help application that contains Log4j v2.3. A vulnerability was found in this version of Log4j that is documented by CVE-2021-44228 and fixed in Log4j v2.17.1. Vulnerability Details: CVEID: CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to ...
Security Bulletin: Vulnerability in Apache Log4j (CVE-2021-44832) affects the IBM Performance Management product
Summary: The APM v8.1.4.0 Server installs an Online Help application that contains Log4j v2.3. A vulnerability was found in this version of Log4j that is documented by CVE-2021-44832 and fixed in Log4j v2.17.1. Vulnerability Details: CVEID: CVE-2021-44832 DESCRIPTION: Apache Log4j could allow a...