what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2020-7676

Status Candidate

Overview

angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "<option>" elements in "<select>" ones changes parsing behavior, leading to possibly unsanitizing code.

Related Files

Red Hat Security Advisory 2021-0974-01
Posted Mar 23, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0974-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.6 serves as a replacement for Red Hat Single Sign-On 7.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, cross site scripting, and information leakage vulnerabilities.

tags | advisory, web, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-14302, CVE-2020-28052, CVE-2020-35510, CVE-2020-7676, CVE-2020-8908, CVE-2021-20220, CVE-2021-20250
SHA-256 | a29ebb86ed3f629b8d17d5f63140e16c1e3254c288e5ab8c7b3344fd2d510611
Red Hat Security Advisory 2021-0969-01
Posted Mar 23, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0969-01 - Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.6 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2020-14302, CVE-2020-7676
SHA-256 | 62600197f5170a6bcbd846e5630e10c31633441ec2bd1013bf54fa225f98c1c7
Red Hat Security Advisory 2021-0968-01
Posted Mar 23, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0968-01 - Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.6 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2020-14302, CVE-2020-7676
SHA-256 | 498bfdf6f243605b23c60f02262cfa9a132f6c3df17ff207aec310f9c0291fcc
Red Hat Security Advisory 2021-0967-01
Posted Mar 23, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0967-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.6 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2020-14302, CVE-2020-7676
SHA-256 | 82eac9cd0241e5d1473edcaec1e7888e56505e6ad2889877e849449b33481844
Red Hat Security Advisory 2020-5249-01
Posted Nov 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5249-01 - Fixed two jQuery vulnerabilities Improved Ansible Tower's web service configuration to allow for processing more simultaneous HTTP requests by default Updated several dependencies of Ansible Tower's User Interface to address Updated to the latest version of python-psutil to address CVE-2019-18874 Added several optimizations to improve performance for a variety of high-load simultaneous job launch use cases Fixed workflows to no longer prevent certain users from being able to edit approval nodes Fixed confusing behavior for social auth logins across distinct browser tabs Fixed launching of Job Templates that use prompt-at-launch Ansible Vault credentials. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, web, vulnerability, code execution, xss, python
systems | linux, redhat
advisories | CVE-2019-18874, CVE-2020-11022, CVE-2020-11023, CVE-2020-7676, CVE-2020-7720, CVE-2020-7743
SHA-256 | 110dd18b4efb16ae0c10f48cfdb06ff0615e9ae0e93f088c11b253e73a4fd781
Page 1 of 1
Back1Next

File Archive:

March 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    13 Files
  • 3
    Mar 3rd
    15 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    31 Files
  • 8
    Mar 8th
    16 Files
  • 9
    Mar 9th
    13 Files
  • 10
    Mar 10th
    9 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    10 Files
  • 14
    Mar 14th
    6 Files
  • 15
    Mar 15th
    17 Files
  • 16
    Mar 16th
    22 Files
  • 17
    Mar 17th
    13 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    16 Files
  • 21
    Mar 21st
    13 Files
  • 22
    Mar 22nd
    5 Files
  • 23
    Mar 23rd
    6 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close