8 matches found
HCL DFXAnalytics 跨站脚本漏洞
HCL DFXAnalytics is a software delivery and operations analytics platform developed by the Indian company HCL. HCL DFXAnalytics has a cross-site scripting vulnerability, which stems from insecure Security Header configurations. The Content-Security-Policy does not define strict directives for...
CVE-2024-1656
Affected versions of Octopus Server had a weak content security policy...
CVE-2024-1656
CVE-2024-1656 affects Octopus Server; vulnerable component is the web content security policy implementation, described as a weak CSP. CVSSv3.1 base score 2.6 (Low) with Network attack vector, High attack complexity, Privileges required Low, User interaction Required. The exploitation status is n...
CVE-2024-1656
Affected versions of Octopus Server had a weak content security policy...
GitLab Enterprise Edition和GitLab Community Edition 跨站脚本漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A cross-site scripting vulnerability exists in GitLab CE/EE versions 15.4 through...
GHSA-8VX9-HCVQ-GFV8 MantisBT XSS through weak CSP when using Gravatar plugin
MantisBT before 1.3.1 and 2.x before 2.0.0-beta.2 uses a weak Content Security Policy when using the Gravatar plugin, which allows remote attackers to conduct cross-site scripting XSS attacks via unspecified vectors...
MantisBT < 1.3.1, 2.x < 2.0.0-beta.2 Weak Content Security Policy Vulnerability - Windows
MantisBT is prone to a weak Content Security Policy vulnerability. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
MantisBT < 1.3.1, 2.x < 2.0.0-beta.2 Weak Content Security Policy Vulnerability - Linux
MantisBT is prone to a weak Content Security Policy vulnerability. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...