2 matches found
GHSA-43FF-RR26-8HX4 OpenSearch Data Prepper plugins trust all SSL certificates by default
Impact The OpenSearch sink and source plugins in Data Prepper are configured to trust all SSL certificates by default when no certificate path was provided, making connections vulnerable to man-in-the-middle attacks. Prior to this fix, the OpenSearch sink and source plugins would automatically us...
osCommerce 2.12.2 - Checkout_Payment.php Error Output Cross-Site Scripting
osCommerce 2.12.2 - CheckoutPayment.php Error Output Cross-Site Scripting source: https://www.securityfocus.com/bid/7155/info Error output is not sufficiently sanitized of HTML and script code by osCommerce. This may allow for cross-site scripting attacks as remote users could create a malicious...