Lucene search
K

7 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2023/08/24 9:38 p.m.1 views

Malicious code in website-frontend-cms (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 04f43ddaad758a9041c06daacb15db027a4552836ee0f59caa0b4762c87acdc6 The OpenSSF Package Analysis project identified 'website-frontend-cms' @ 99.99.0 npm as malicious. It is considered malicious because: - The...

6.9AI score
Exploits0
OSV
OSV
added 2023/08/24 9:38 p.m.13 views

MAL-2023-1573 Malicious code in website-frontend-cms (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 04f43ddaad758a9041c06daacb15db027a4552836ee0f59caa0b4762c87acdc6 The OpenSSF Package Analysis project identified 'website-frontend-cms' @ 99.99.0 npm as malicious. It is considered malicious because: - The...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:26 p.m.4 views

Malicious code in ayalon-demo-website-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 19a8e8fa18dc522718907d033a494ba3caeb4164e641ae7dc4ab866c88cb8886 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 8:26 p.m.6 views

MAL-2022-1215 Malicious code in ayalon-demo-website-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 19a8e8fa18dc522718907d033a494ba3caeb4164e641ae7dc4ab866c88cb8886 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2021/08/10 5:15 p.m.25 views

CVE-2021-32768

TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions failing to properly parse, sanitize and encode malicious rich-text content, the content rendering process in the website frontend is vulnerable to cross-site scripting. Corresponding...

6.1CVSS6.5AI score
Exploits0References2
Typo3
Typo3
added 2021/08/10 12:0 a.m.40 views

Cross-Site Scripting via Rich-Text Content

Failing to properly parse, sanitize and encode malicious rich-text content, the content rendering process in the website frontend is vulnerable to cross-site scripting. Corresponding rendering instructions via TypoScript functionality HTMLparser do not consider all potentially malicious HTML tag ...

4.3CVSS2.3AI score0.00727EPSS
Exploits0Affected Software1
Typo3
Typo3
added 2018/12/11 12:0 a.m.25 views

Cross-Site Scripting in Frontend User Login

Failing to properly encode user input, login status display is vulnerable to cross-site scripting in the website frontend. A valid user account is needed in order to exploit this vulnerability - either a backend user or a frontend user having the possibility to modify their user profile...

6.1AI score
Exploits0Affected Software1
Rows per page
Query Builder