2 matches found
CVE-2018-1000611
SURFnet OpenConext EngineBlock version 5.7.0 to 5.7.3 contains a Cross Site Scripting XSS vulnerability that can result in Allows an attacker to inject arbitrary web scripts or HTML into help and login pages. This attack appear to be exploitable via the victim opening a specially crafted URL...
PT-2024-27360 · Mattermost · Mattermost Desktop App
Name of the Vulnerable Software and Affected Versions: Mattermost Desktop App versions =5.7.0 Description: The issue allows a remote attacker to force a victim to run arbitrary programs on their system via custom URI schemes, due to the application's failure to correctly prompt for permission whe...