XoopsCore25 version 2.5.11 suffers from a cross site scripting vulnerability.
2ae84d82db1b05e74c65de107834f1df7a00fa59f13b38b64eb16a00c14b1b92Red Hat Security Advisory 2024-0778-03 - An update for Jenkins and Jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12. Issues addressed include bypass, code execution, cross site request forgery, cross site scripting, denial of service, improper authorization, information leakage, insecure permissions, and open redirection vulnerabilities.
ab4f43b9e71e063c24e6665055c78987e13d3b3ffaeb136bf2ca4c7222838cb2Red Hat Security Advisory 2024-0777-03 - An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.14. Issues addressed include bypass, code execution, cross site request forgery, cross site scripting, denial of service, information leakage, and open redirection vulnerabilities.
3eed8a402985e9201b2959d777e66d6b3d4c828342daf0e2047df99c9352d53fRed Hat Security Advisory 2024-0776-03 - An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Issues addressed include bypass, code execution, cross site scripting, and denial of service vulnerabilities.
066ec355713bdfb5d17ff8adb414021618bb7df8ac5b4fbee6ddd1731eff0030Red Hat Security Advisory 2024-0775-03 - An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.11. Issues addressed include bypass, code execution, cross site scripting, deserialization, information leakage, and insecure permissions vulnerabilities.
bce52c7c00b891789e1532b690676483061f98b6a4dfcfe94e9ecadad6b53155Ubuntu Security Notice 6631-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
4b6f4fc061a2d62f4bfc4c023b3a9687f579682d0d0d93b1e1032a14339c54daAdvanced Page Visit Counter version 1.0 suffers from a persistent cross site scripting vulnerability.
f6d7790e5d925f394cef69bc78bd6c8b5f89cc8b9036ef13a7d4dd56535dc8e5Red Hat Security Advisory 2024-0746-03 - Updated container image for Red Hat Ceph Storage 5.3 is now available in the Red Hat Ecosystem Catalog. Issues addressed include cross site scripting and denial of service vulnerabilities.
df456c5ff3eec148a2beca2bbbd79e0ea4e10f1895bfac2fe56b6eecd379e96bDebian Linux Security Advisory 5616-1 - It was discovered that ruby-sanitize, a whitelist-based HTML sanitizer, insufficiently sanitized style elements, which may result in cross-site scripting.
cb1891138c71065ba8a31de094547c27038e14dbb35d632d940934fd3474f59cWordPress Simple URLs plugin versions prior to 115 suffer from a cross site scripting vulnerability.
c30a14aad4b176fcca47e0448ca0f4736ce2e14ebe3feb095662f74d88b72153Gym Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Original credit for this finding goes to Jyotsna Adhana in October of 2020 but uses a different vector of attack for this software version.
c0f2d33a4c3991ea99477e6d1d0b6c609743f37a52348c26fa084cc05b9df687WhatsUp Gold 2022 version 22.1.0 Build 39 suffers from a persistent cross site scripting vulnerability.
c220ac742e0433187b0d69c0b84acee272914b285cfb7aab956f93dfb9bd2fceMISP version 2.4.171 suffers from a persistent cross site scripting vulnerability.
c46d1b01317a56d0c3ca6306f105dceaf23c7eb41b768453a59fb637c41d5e3eRed Hat Security Advisory 2024-0485-03 - Red Hat OpenShift Container Platform release 4.12.48 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a cross site scripting vulnerability.
0deb6bdda4870623dcb74de02a9972bc221c57721c7586c37779abe972798ff3Interactive Floor Plan version 1.0 suffers from a cross site scripting vulnerability.
696171fac915ad8521ab878bf8dd8496a69db4eedb1b4fe9f216fbfde57545ecPHPJ Callback Widget version 1.0 suffers from a persistent cross site scripting vulnerability.
5a4188d904853b282526ec16d8c5d6f9a6a772e2951744e041fdfe4a31e26fedmqXSS is a client to communicate with XSS hooked browsers over MQTT. Similar to xsshunter or beef, mqxss allows interaction with remote browsers that have been injected with a XSS payload. However, instead of having the victim connect back to your server they connect through a Secure Websocket MQTT broker instead. This tool facilitates the JS payload generation and interaction with hooked browsers that communicate over WSS MQTT brokers.
8896d3a6c195fd964e3ba8e5a991dcb72d8c6488f787f595e2d0fca71fec9ad8Ubuntu Security Notice 6582-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
efacb4bdb05b573622a6891d651f7f79948338036201cc4c73c3478731777aeeWordPress POST SMTP Mailer plugin versions 2.8.7 and below suffer from authorization bypass and cross site scripting vulnerabilities.
1bdd84a69d04f6ca05b840e49215c74a3095a9b4cd20f08c7cd6c500f98bc02fUbuntu Security Notice 6574-1 - Takeshi Kaneko discovered that Go did not properly handle comments and special tags in the script context of html/template module. An attacker could possibly use this issue to inject Javascript code and perform a cross site scripting attack. This issue only affected Go 1.20 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04. It was discovered that Go did not properly validate the "//go:cgo_" directives during compilation. An attacker could possibly use this issue to inject arbitrary code during compile time.
b8c2a5761a1b9b637336f2af66c0577c0e91e5d6928b1d69d773c8f5060e8589PHPJabbers Meeting Room Booking System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
e6821affd91c6976ec243ea146e7afbb0ed24afc9759a1132aa2d0f6d32f79c1PHPJabbers Event Ticketing System version 1.0 suffers from cross site scripting and html injection vulnerabilities.
2caf4aa999009c25ac7c26798df4e4a0ac8a097c8ef866861469f934e7b3bfcaPHPJabbers Cinema Booking System version 1.0 suffers from reflective and persistent cross site scripting vulnerabilities.
65d36ac9160ab1c240f6675581e697453542fa0e4bd126a1f51e746ce51641f2PHPJabbers Cleaning Business Software version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
e47debdf9fc3c3d01a9a065adc30bc2b0166bcf23690c6d3ac8b4dd15242abfaPHPJabbers Shared Asset Booking System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
55b8208f2ccd19891ff073a3c0c73038d621c5100ca8bca74d3b845c3b903e9a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed