SUSE CVE-2023-6481

A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data...

CVE-2025-61681 Kuno is Vulnerable to Stored XSS Attack via SVG File Upload

KUNO CMS is a fully deployable full-stack blog application. Versions 1.3.13 and below contain validation flaws in its file upload functionality that can be exploited for stored XSS. The upload endpoint only validates file types based on Content-Type headers, lacks file content analysis and...

WordPress plugin WooCommerce Photo Reviews 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site scripting...

PT-2024-12213 · Unknown · Alexacrm Dynamics 365 Integration

Name of the Vulnerable Software and Affected Versions: AlexaCRM Dynamics 365 Integration versions 1.3.13 and earlier Description: The issue is related to a Missing Authorization vulnerability in AlexaCRM Dynamics 365 Integration, which allows exploiting incorrectly configured access control...

UBUNTU-CVE-2023-6481

A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data...