CVE-2023-0323

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.5.14...

GHSA-6VF6-G3PR-J83H pimcore is vulnerable to cross-site scripting via "title field " in data objects

Impact The vulnerability is capable of resulting in stolen user cookies. Proof of Concept Login with dev account https://11.x-dev.pimcore.fun/admin/?dc=1670962076&perspective= Go to setting -- data objects -- classes -- events Click media under genaral settings Add payload in title field. Go to...

Pimcore 跨站脚本漏洞

Pimcore is an open source Web content management platform for creating and managing Web applications from the Austrian company Pimcore. The platform integrates Web content management, e-commerce frameworks and product information management applications. cross-site scripting vulnerabilities exist...

SUSE-SU-2022:0731-1 Security update for mariadb

This update for mariadb fixes the following issues: - Update to 10.5.15 bsc1196016: 10.5.15: CVE-2021-46665 CVE-2021-46664 CVE-2021-46661 CVE-2021-46668 CVE-2021-46663 10.5.14: CVE-2022-24052 CVE-2022-24051 CVE-2022-24050 CVE-2022-24048 CVE-2021-46659, bsc1195339 - The following issues have alrea...

MariaDB Multiple Vulnerabilities (Feb 2022) - Windows

MariaDB is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if description...