28 matches found
EUVD-2025-1949
Malicious code in bioql PyPI...
EUVD-2025-1950
Malicious code in bioql PyPI...
EUVD-2025-1948
Malicious code in bioql PyPI...
MAL-2025-27666 Malicious code in node-zenvia (npm)
The package node-zenvia was found to contain malicious code...
Malicious code in node-zenvia (npm)
The package node-zenvia was found to contain malicious code...
CVE-2025-0972
A vulnerability classified as problematic has been found in Zenvia Movidesk up to 25.01.22. This affects an unknown part of the component New Ticket Handler. The manipulation of the argument subject leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2025-0971
A vulnerability was found in Zenvia Movidesk up to 25.01.22. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Account/EditProfile of the component Profile Editing. The manipulation of the argument username leads to cross site scripting. The attac...
CVE-2025-0970
A vulnerability was found in Zenvia Movidesk up to 25.01.22. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /Account/Login. The manipulation of the argument ReturnUrl leads to open redirect. The attack can be launched remotely. The...
CVE-2025-0972
A vulnerability classified as problematic has been found in Zenvia Movidesk up to 25.01.22. This affects an unknown part of the component New Ticket Handler. The manipulation of the argument subject leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2025-0972
A vulnerability classified as problematic has been found in Zenvia Movidesk up to 25.01.22. This affects an unknown part of the component New Ticket Handler. The manipulation of the argument subject leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2025-0971
A vulnerability was found in Zenvia Movidesk up to 25.01.22. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Account/EditProfile of the component Profile Editing. The manipulation of the argument username leads to cross site scripting. The attac...
CVE-2025-0971
A vulnerability was found in Zenvia Movidesk up to 25.01.22. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Account/EditProfile of the component Profile Editing. The manipulation of the argument username leads to cross site scripting. The attac...
CVE-2025-0972 Zenvia Movidesk New Ticket cross site scripting
A vulnerability classified as problematic has been found in Zenvia Movidesk up to 25.01.22. This affects an unknown part of the component New Ticket Handler. The manipulation of the argument subject leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2025-0972 Zenvia Movidesk New Ticket cross site scripting
A vulnerability classified as problematic has been found in Zenvia Movidesk up to 25.01.22. This affects an unknown part of the component New Ticket Handler. The manipulation of the argument subject leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2025-0972
Zenvia Movidesk (New Ticket Handler) is affected by a cross-site scripting vulnerability where manipulation of the subject argument can be triggered remotely. The issue is described across multiple sources (CVE-2025-0972) with the remediation to upgrade to version 25.01.22.245a473c54 or later. So...
Zenvia 代码注入漏洞
Zenvia is a complete customer service software from Zenvia, Inc. A code injection vulnerability exists in Zenvia version 25.01.22 and prior versions, which stems from an incorrect manipulation of the parameter username that can lead to cross-site scripting attacks...
Zenvia 代码注入漏洞
Zenvia is a complete customer service software from Zenvia, Inc. A code injection vulnerability exists in Zenvia versions 25.01.22 and earlier, which stems from the parameter subject of the component New Ticket Handler that results in cross-site scripting...
CVE-2025-0971 Zenvia Movidesk Profile Editing EditProfile cross site scripting
A vulnerability was found in Zenvia Movidesk up to 25.01.22. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Account/EditProfile of the component Profile Editing. The manipulation of the argument username leads to cross site scripting. The attac...
CVE-2025-0971 Zenvia Movidesk Profile Editing EditProfile cross site scripting
A vulnerability was found in Zenvia Movidesk up to 25.01.22. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Account/EditProfile of the component Profile Editing. The manipulation of the argument username leads to cross site scripting. The attac...
CVE-2025-0971
CVE-2025-0971 affects Zenvia Movidesk. The flaw resides in the Profile Editing component, specifically the /Account/EditProfile function, where manipulating the username parameter can trigger cross-site scripting. The issue appears to be exploitable remotely and was publicly disclosed. All eviden...