Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2016-4426: Version History — Zulip 2.1.7 documentation

In zulip before 1.3.12, bot API keys were accessible to other users in the same realm.

CVE
Open in Source
#xss#csrf#vulnerability#web#ios#android#mac#windows#apple#google#amazon#ubuntu#linux#debian#redis#memcached#nodejs#js#git#java#wordpress#perl#ldap#nginx#vmware#oauth#auth#postgres#docker#jira#bitbucket#firefox#ssl
CVE-2016-2138: Block XSS in wget commands (file links) · ikoniaris/kippo-graph@e6587ec

In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in xss_clean() in class/KippoInput.class.php.

CVE-2022-35882: WordPress GS Testimonial Slider plugin <= 1.9.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability - Patchstack

Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in GS Plugins GS Testimonial Slider plugin <= 1.9.1 at WordPress.

CVE-2022-1948

An issue has been discovered in GitLab affecting all versions starting from 15.0 before 15.0.1. Missing validation of input used in quick actions allowed an attacker to exploit XSS by injecting HTML in contact details.

Loan Management System 1.0 Cross Site Scripting

Loan Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

Automated dynamic application security testing with RapiDAST and cross-team collaboration

Red Hat Product Security has been developing RapiDAST, a tool that can be used for security testing of products and services. DAST stands for dynamic application (or analysis) security testing. In this article, we introduce the tool and ideas that can help you with applying DAST into your software development life cycle.

CVE-2022-36998: VTS22-004: HotFix for Security Advisory impacting NetBackup – Primary/Media Server

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a stack-based buffer overflow on the NetBackup Primary server, resulting in a denial of service.

CVE-2022-36999: VTS22-004: HotFix for Security Advisory impacting NetBackup – Primary/Media Server

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.

CVE-2022-37000: VTS22-004: HotFix for Security Advisory impacting NetBackup – Primary/Media Server

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.

CVE-2022-36990: VTS22-004: HotFix for Security Advisory impacting NetBackup – Primary/Media Server

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server.