3 matches found
knockout: Cross-site Scripting (XSS) attacks due to not escaping the name attribute.
There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it...
DotCMS Cross-Site Scripting Vulnerability
DotCMS is a content management system CMS from the American company DotCMS. The system supports RSS feeds , blogs , forums and other modules , and is easy to extend and build features . A cross-site scripting vulnerability exists in DotCMS 3.5 Beta. An attacker can exploit this vulnerability to...
DotCMS Directory Traversal Vulnerability
DotCMS is a content management system CMS from the American company DotCMS. The system supports RSS feeds , blogs , forums and other modules , and is easy to extend and build features . A directory traversal vulnerability exists in the com.dotmarketing.servlets.taillog.TailLogServlet.class file i...