Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

Red Hat Security Advisory 2023-3221-01

Red Hat Security Advisory 2023-3221-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.11.0. Issues addressed include a bypass vulnerability.

Packet Storm
Open in Source
#xss#vulnerability#linux#red_hat#js#firefox
Red Hat Security Advisory 2023-3198-01

Red Hat Security Advisory 2023-3198-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, code execution, cross site request forgery, cross site scripting, denial of service, deserialization, information leakage, and insecure permissions vulnerabilities.

RHSA-2023:3195: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update

An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42889: A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execut...

CVE-2023-30780: WordPress User IP and Location plugin <= 2.2 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in TheGuideX User IP and Location plugin <= 2.2 versions.

CVE-2023-23667: WordPress Brands for WooCommerce plugin <= 3.7.0.6 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in BeRocket Brands for WooCommerce plugin <= 3.7.0.6 versions.

CVE-2022-47157: WordPress WP Custom Fields Search plugin <= 1.2.34 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Don Benjamin WP Custom Fields Search plugin <= 1.2.34 versions.

CVE-2023-31233: WordPress Baidu Tongji generator plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Haoqisir Baidu Tongji generator plugin <= 1.0.2 versions.

CVE-2023-32515: WordPress Custom Field Suite plugin <= 2.6.2.1 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Matt Gibbs Custom Field Suite plugin <= 2.6.2.1 versions.

CVE-2023-30868: WordPress CMS Tree Page View plugin <= 1.6.7 - Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jon Christopher CMS Tree Page View plugin <= 1.6.7 versions.