Red Hat Security Advisory 2023-6832-01 - Updated packages that include numerous enhancements and bug fixes are now available for Red Hat OpenShift Data Foundation 4.14.0 on Red Hat Enterprise Linux 9. Issues addressed include cross site scripting, denial of service, html injection, and out of bounds read vulnerabilities.
ff320b40e864d126e94d4b9d1103d7c927ef13b4f9eababa895a7eec6b68608eRed Hat Security Advisory 2023-6818-03 - An update is now available for Red Hat Satellite 6.14. The release contains a new version of Satellite and important security fixes for various components. Issues addressed include bypass, code execution, cross site scripting, denial of service, man-in-the-middle, server-side request forgery, and remote SQL injection vulnerabilities.
4ad655e0ad190cc122bcde85b5ec64d7f61ad6f3fe984f7e0230160c5deb294eRed Hat Security Advisory 2023-6474-01 - An update for podman is now available for Red Hat Enterprise Linux 9. Issues addressed include cross site scripting and denial of service vulnerabilities.
3978def09517ae1ee912a350295ece1d3f632faa90c7b96d6fe7c4c1e7eb0b23Red Hat Security Advisory 2023-6420-01 - An update for grafana is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass, cross site scripting, denial of service, and spoofing vulnerabilities.
3ac0215400d6b86afbb66e8881e17888e8fd5b2f1efc619b331c0e295eb36616Red Hat Security Advisory 2023-5009-01 - Red Hat OpenShift Container Platform release 4.14.0 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include cross site scripting, denial of service, and use-after-free vulnerabilities.
4bd9d418ca1afc7dd7c2b633e9f732c5af874c8c5edcc0d61332275d793b24acRed Hat Security Advisory 2023-5007-01 - Red Hat OpenShift Container Platform release 4.14.0 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include cross site scripting and denial of service vulnerabilities.
53110c227a6abebd28980c3b2fe32f22c0e8a82ba376add71f3ea141adb3909cRed Hat Security Advisory 2023-6179-01 - An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Issues addressed include bypass, code execution, cross site scripting, and denial of service vulnerabilities.
9bf774d4257b09a125341c848c5e9fcd820adea05d5a78b14f7420f1f63bcb7fRed Hat Security Advisory 2023-6172-01 - An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.12. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include bypass, code execution, cross site scripting, denial of service, improper authorization, information leakage, and insecure permissions vulnerabilities.
959995e5c8c8ffcb460eb26260215c7b7072fa04e4365429ecd702d04e034b5cRed Hat Security Advisory 2023-6171-01 - An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.11. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include bypass, code execution, cross site scripting, deserialization, information leakage, and insecure permissions vulnerabilities.
806b2fb0ca9c10f179c91b2e1d08b2766bbd6f208b5772e4e24f6d9e09918d44WordPress LiteSpeed Cache plugin versions 5.6 and below suffer from a persistent cross site scripting vulnerability.
930b5dea6544195034aa8f1e0157b1a5e03ff90d8a95610492e143d141d5a230Red Hat Security Advisory 2023-6031-01 - An update is now available for Cryostat 2 on RHEL 8. Issues addressed include cross site scripting and denial of service vulnerabilities.
40779b4af5d0875a169333efe7e5fb9591a5740a4c994d3a49951fdfadc585fcMoodle version 4.3 suffers from a cross site scripting vulnerability.
6b239daf093c1f26ad1d4831716d336997f542904bde8080364383e3c818009fRed Hat Security Advisory 2023-5888-01 - The Migration Toolkit for Containers 1.7.13 is now available. Issues addressed include a cross site scripting vulnerability.
2853bd8d5245613da95f23fd0a200bc0dc8a6c8091d12dcd4bf8a0f9f472b0ff2023 Mount Carmel School version 6.4.1 suffers from a cross site scripting vulnerability.
1468507ac0b5b0ce74969400a56999cea8841d359cc06c655a563f09bfa94b92WordPress Core versions prior to 6.3.2 suffer from arbitrary shortcode execution, cross site scripting, denial of service, and information leakage vulnerabilities. Versions prior to 6.3.2 are vulnerable.
2747a0842119425378a1378f7692a4eca0ef390a27497cfbb5b9ecd9e53c5e9fDebian Linux Security Advisory 5520-1 - Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting, denial of service or information disclosure.
c9b0eef917ca7122324a4555874745119c1290c98bda7f3ff8c5cf676e9d555bUbuntu Security Notice 6426-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
c72aad25773c01cb851fed77dfb508210a1e943aafc90c6b284c85d17dc7a9b8WordPress Sonaar Music plugin version 4.7 suffers from a persistent cross site scripting vulnerability.
eba032fb1c2fe5ab3d50ae426905af7d530abdd6cba88db54c019be85a1e339dAicte India LMS version 3.0 suffers from a cross site scripting vulnerability.
d6bdd519cdbf391aa1f466dbf921113b4bbdfc1dadd6a058a7f32ab5384d6235Ubuntu Security Notice 6419-1 - Hong Phat Ly discovered that jQuery UI did not properly manage parameters from untrusted sources, which could lead to arbitrary web script or HTML code injection. A remote attacker could possibly use this issue to perform a cross-site scripting attack. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Esben Sparre Andreasen discovered that jQuery UI did not properly handle values from untrusted sources in the Datepicker widget. A remote attacker could possibly use this issue to perform a cross-site scripting attack and execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.
05388b73a403c354a99e6e89119bc4f5977a6dc6cffe23761717eab763f7e15dSAP Enable Now Manager version 10.6.5 Build 2804 Cloud Edition suffers from cross site request forgery, cross site scripting, and open redirection vulnerabilities.
5209392bfef3cdde923a53ecc1c986fc8d93a111938c556cbaaea3d08eb62ce2openVIVA c2 suffers from a persistent cross site scripting vulnerability. Versions prior to 20220801 are affected.
1bb461472efdf8f6410f98641bda375496497eeeacb50a76a14f2e2f531514edWordPress Contact Form Generator plugin version 2.5.5 suffers from a cross site scripting vulnerability.
1a89853927f3c6096fee2e503d2f623648cb5006cb15c76e3675be24eb2640d7WordPress KiviCard plugin version 3.2.0 suffers from a cross site scripting vulnerability.
3173b918ac06c39f7a4839e9a8c2dfd7c07d457706ead7df51f73d17dd8b13a0OPNsense versions 23.1.11_1, 23.7.3, and 23.7.4 suffer from cross site scripting vulnerabilities that can allow for privilege escalation.
76e4fc1b6aee4986d4bbb70760bae717204a144677ec04e5e69cc9e4ca014975
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed