57 matches found
Maccms 跨站脚本漏洞
Maccms is a PHP-based film and television content management system CMS. v10 version of Maccms is vulnerable to a cross-site scripting vulnerability, which originates from the lack of user-supplied data and output data validation filtering in the select and input parameters in...
CVE-2021-38347
The Custom Website Data WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter found in the /views/edit.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.2...
Cross site scripting
The Custom Website Data WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter found in the /views/edit.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.2...
CVE-2021-38347 Custom Website Data <= 2.2 Reflected Cross-Site Scripting
The Custom Website Data WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter found in the /views/edit.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.2...
CVE-2021-38347
CVE-2021-38347 concerns the WordPress plugin Custom Website Data (<= 2.2). The vulnerability is a Reflected Cross-Site Scripting (XSS) via the id parameter in the file ~/views/edit.php, enabling an attacker to inject arbitrary web scripts. Affected release range is up to and including 2.2. NVD...
CVE-2021-38347 Custom Website Data <= 2.2 Reflected Cross-Site Scripting
The Custom Website Data WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter found in the /views/edit.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.2...
WordPress 插件 跨站脚本漏洞
WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress plugin Custom Website Data, which stems from a lack of proper validation of client-side data in the web application. An attacker can exploit this vulnerability to...
WordPress 插件跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...
Custom Website Data <= 2.2 - Reflected Cross-Site Scripting
The plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter found in the /views/edit.php file which allows attackers to inject arbitrary web scripts...
WordPress Custom Website Data plugin <= 2.2 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by p7e4 in WordPress Custom Website Data plugin versions = 2.2. Solution This plugin has been closed as of September 7, 2021 and is not available for download. This closure is temporary, pending a full review...
CVE-2020-29623
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete...
CVE-2020-29623
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete...
CVE-2020-29623
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete...
CVE-2020-29623
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete...
Information Disclosure
webkitgtk4 is vulnerable to information disclosure. The vulnerability exists as the Clear History and Website Data does not properly clear history...
On the Way Thesis Detection System is Vulnerable to Information Leakage
Founded in 2017, Chengdu On the Way Technology Limited Liability Company is a company that specializes in information system integration services, integrated circuit design, communication equipment excluding wireless radio and television transmission and satellite ground receiving equipment,...
Mozilla: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection
The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it...
CVE-2019-8768
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items...
CVE-2019-13380
KEYNTO Team Password Manager 1.5.0 allows XSS because data saved from websites is mishandled in the online vault...
CVE-2019-13380
KEYNTO Team Password Manager 1.5.0 allows XSS because data saved from websites is mishandled in the online vault...