#git

Ubuntu Security Notice 6574-1 - Takeshi Kaneko discovered that Go did not properly handle comments and special tags in the script context of html/template module. An attacker could possibly use this issue to inject Javascript code and perform a cross site scripting attack. This issue only affected Go 1.20 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04. It was discovered that Go did not properly validate the "//go:cgo_" directives during compilation. An attacker could possibly use this issue to inject arbitrary code during compile time.

SimpleWebServer version 2.2-rc2 remote denial of service exploit.

PHPJabbers Event Ticketing System version 1.0 suffers from a missing rate limiting vulnerability.

PHPJabbers Meeting Room Booking System version 1.0 suffers from a CSV injection vulnerability.

PHPJabbers Meeting Room Booking System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

PHPJabbers Event Ticketing System version 1.0 suffers from cross site scripting and html injection vulnerabilities.

PHPJabbers Cinema Booking System version 1.0 suffers from a missing rate limiting vulnerability.

PHPJabbers Cinema Booking System version 1.0 suffers from a CSV injection vulnerability.

PHPJabbers Meeting Room Booking System version 1.0 suffers from a missing rate limiting vulnerability.

PHPJabbers Cleaning Business Software version 1.0 suffers from a CSV injection vulnerability.