3 matches found
GHSA-V39H-62P7-JPJC fast-uri vulnerable to host confusion via percent-encoded authority delimiters
Impact fast-uri v3.1.1 and earlier decodes percent-encoded authority delimiters %40 as @, %3A as : inside the host component and serializes them back as raw characters. This changes the URI structure, turning a hostname into userinfo plus a different host. For example,...
WordPress Chaty Plugin <= 3.1.1 is vulnerable to Cross Site Scripting (XSS)
Software Chaty Type Plugin Vulnerable versions = 3.1.1 Fixed in 3.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3245 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f10b64625618 Credits Dipak Panchal Required privilege...
WordPress Resume Builder Plugin <= 3.1.1 is vulnerable to Cross Site Scripting (XSS)
Software Resume Builder Type Plugin Vulnerable versions = 3.1.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0078 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 20cd873c2df4 Credits Lana Codes Required...