EUVD-2022-2098

Malicious code in bioql PyPI...

GHSA-33RH-5HVF-5JJP ZF-Commons ZfcUser Vulnerable to XSS in Login Redirect

Cross-site scripting XSS vulnerability in user/login.phtml in ZF-Commons ZfcUser before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...

ZF-Commons ZfcUser Vulnerable to XSS in Login Redirect

Cross-site scripting XSS vulnerability in user/login.phtml in ZF-Commons ZfcUser before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...

Cross-site Scripting (XSS)

zfcommons/zfcuser is vulnerable to cross-site scripting XSS attacks. The library does not sanitize the redirect URL, allowing a malicious user to inject and execute arbitrary web script...

XSS vulnerability in login redirect param

Security advisory: XSS vulnerability in login redirect param ScnSocialAuth version 1.15.2 has been released and includes a security for this vulnerability. Fix has been applied in 4a00966 Affected versions All versions below 1.15.2 are affected. dev-master is fixed starting from 4a00966 Exploits...

XSS vulnerability in login redirect param

Security advisory: XSS vulnerability in login redirect param ScnSocialAuth version 1.15.2 has been released and includes a security for this vulnerability. Fix has been applied in https://github.com/SocalNick/ScnSocialAuth/commit/4a00966c41bc37251586d007564c5c891eba3700 Affected versions All...

CVE-2015-1039

Cross-site scripting XSS vulnerability in user/login.phtml in ZF-Commons ZfcUser before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in user/login.phtml in ZF-Commons ZfcUser before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...

CVE-2015-1039

Cross-site scripting XSS vulnerability in user/login.phtml in ZF-Commons ZfcUser before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...

CVE-2015-1039

CVE-2015-1039 affects ZF-Commons ZfcUser before 1.2.2, in which the login redirect parameter (redirect) is vulnerable to XSS via user/login.phtml. The root cause is missing escaping of the URL parameter, allowing an attacker to inject arbitrary script/HTML. Public references (GHSA/FriendsofPHP ad...

ZfcUser 'redirect' parameter cross-site scripting vulnerability

ZfcUser is a user registration and authentication module for Zend Framework 2. A cross-site scripting vulnerability exists in ZfcUser's handling of the 'redirect' parameter, which can be exploited by a remote attacker to construct a malicious URI and trick the user into parsing it, which can be...

XSS vulnerability in login redirect param

Security advisory: XSS vulnerability in login redirect param ZfcUser version 1.2.2 has been released and includes a security for this vulnerability. Fix has been applied in @baf0e460 Affected versions All versions below 1.2.2 are affected. dev-master is fixed starting from @2cc167a Exploits Becau...

XSS vulnerability in login redirect param

Security advisory: XSS vulnerability in login redirect param ZfcUser version 1.2.2 has been released and includes a security for this vulnerability. Fix has been applied in @baf0e460 Affected versions All versions below 1.2.2 are affected. dev-master is fixed starting from @2cc167a Exploits Becau...