EUVD-2024-2687

Malicious code in bioql PyPI...

Scrypted Cross-site Scripting vulnerability

Scrypted is a home video integration and automation platform. In versions 0.55.0 and prior, a reflected cross-site scripting vulnerability exists in the plugin-http.ts file via the owner' and 'pkg parameters. An attacker can run arbitrary JavaScript code. As of time of publication, no known patch...

CVE-2023-47623

Scrypted is a home video integration and automation platform. In versions 0.55.0 and prior, a reflected cross-site scripting vulnerability exists in the login page via the redirecturi parameter. By specifying a url with the javascript scheme javascript:, an attacker can run arbitrary JavaScript...

CVE-2023-47620

Scrypted is a home video integration and automation platform. In versions 0.55.0 and prior, a reflected cross-site scripting vulnerability exists in the plugin-http.ts file via the owner' and 'pkg parameters. An attacker can run arbitrary JavaScript code...

CVE-2023-47620

CVE-2023-47620 affects Scrypted up to v0.55.0, where a reflected Cross-Site Scripting (XSS) vulnerability exists in the plugin-http.ts endpoint using the owner and pkg parameters. The vulnerability allows an attacker to inject arbitrary JavaScript by reflecting user-controlled input back in the r...

Embedded Video WordPress Plugin Cross Site Vulnerability (XSS) - CVE-2010-4277

Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Embedded Video WordPress Plugin Cross Site Scripting Vulnerability...