2 matches found
CVE-2024-31985
XWiki Platform is a generic wiki platform. Starting in version 3.1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, it is possible to schedule/trigger/unschedule existing jobs by having an admin visit the Job Scheduler page through a predictable URL, for example by embedding such an URL in...
Archery Cross-Site Scripting Vulnerability
Archery is an open source vulnerability assessment and management tool that helps developers and penetration testers perform scans and manage vulnerabilities. A stored cross-site scripting vulnerability exists in the Vulnerability Scan Scheduling page in Archery versions prior to 1.3. An attacker...