3 matches found
CVE-2025-66447 Chamilo LMS has validation-less redirect on login page
Chamilo LMS is a learning management system. From 1.11.0 to 2.0-beta.1, anyone can trigger a malicious redirect through the use of the redirect parameter to /login. This vulnerability is fixed in 2.0-beta.2...
Apache Drill Cross-Site Scripting Vulnerability
Apache Drill is a schema-less SQL query engine for Hapood, NoSQL and cloud storage from the Apache Apache Software Foundation. The product supports a variety of NoSQL databases and file systems , including HBase, MongoDB, MapR-DB, HDFS and MapR-FS and so on. A cross-site scripting vulnerability...
PT-2014-5360
Name of the Vulnerable Software and Affected Versions OpenStack Swift versions 1.11.0 through 1.13.1 Description A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the WWW-Authenticate header. Recommendations For versions 1.11.0 through 1.13.1,...