9 matches found
CVE-2022-4413
Cross-site Scripting XSS - Reflected in GitHub repository nuxt/framework prior to v3.0.0-rc.13...
CVE-2022-4414
Cross-site Scripting XSS - DOM in GitHub repository nuxt/framework prior to v3.0.0-rc.13...
Insufficient Session Expiration
Overview Affected versions of this package are vulnerable to Insufficient Session Expiration through the Session API. An attacker can authenticate on behalf of the user by repeatedly using idp intents to retrieve the id and token from the application's URI. Remediation Upgrade...
Insufficient Session Expiration
Overview Affected versions of this package are vulnerable to Insufficient Session Expiration through the Session API. An attacker can authenticate on behalf of the user by repeatedly using idp intents to retrieve the id and token from the application's URI. Remediation Upgrade...
Insufficient Session Expiration
Overview Affected versions of this package are vulnerable to Insufficient Session Expiration through the Session API. An attacker can authenticate on behalf of the user by repeatedly using idp intents to retrieve the id and token from the application's URI. Remediation Upgrade...
Insufficient Session Expiration
Overview Affected versions of this package are vulnerable to Insufficient Session Expiration through the Session API. An attacker can authenticate on behalf of the user by repeatedly using idp intents to retrieve the id and token from the application's URI. Remediation Upgrade...
CVE-2022-4414 Cross-site Scripting (XSS) - DOM in nuxt/framework
Cross-site Scripting XSS - DOM in GitHub repository nuxt/framework prior to v3.0.0-rc.13...
CVE-2022-4413 Cross-site Scripting (XSS) - Reflected in nuxt/framework
Cross-site Scripting XSS - Reflected in GitHub repository nuxt/framework prior to v3.0.0-rc.13...
jenkins-git-client-plugin: OS command injection via 'git ls-remote'
Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection...