Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

Red Hat Security Advisory 2023-5480-01

Red Hat Security Advisory 2023-5480-01 - Red Hat OpenShift Serverless release of OpenShift Serverless Logic. This release includes security fixes. Issues addressed include a bypass vulnerability.

Packet Storm
Open in Source
#xss#vulnerability#red_hat#git
CVE-2023-44764: GitHub - sromanhu/ConcreteCMS-Stored-XSS---Site_Installation: Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the SI

A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SITE parameter from installation or in the Settings.

CVE-2023-44766: GitHub - sromanhu/ConcreteCMS-Stored-XSS---SEO: Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Header Ext

A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SEO - Extra from Page Settings.

CVE-2023-44770: ZenarioCMS--Reflected-XSS---Organizer-Alias/README.md at main · sromanhu/ZenarioCMS--Reflected-XSS---Organizer-Alias

A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias.

CVE-2023-44761: GitHub - sromanhu/ConcreteCMS-Stored-XSS---Forms: Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the Form of the Da

Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow a local attacker to execute arbitrary code via a crafted script to the Forms of the Data objects.

CVE-2023-44765: GitHub - sromanhu/ConcreteCMS-Stored-XSS---Associations: Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the Plural

A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to Plural Handle of the Data Objects from System & Settings.

Supermicro's BMC Firmware Found Vulnerable to Multiple Critical Vulnerabilities

Multiple security vulnerabilities have been disclosed in the Intelligent Platform Management Interface (IPMI) firmware for Supermicro baseboard management controllers (BMCs) that could result in privilege escalation and execution of malicious code on affected systems. The seven flaws, tracked from CVE-2023-40284 through CVE-2023-40290, vary in severity from High to Critical, according to Binarly