Red Hat Security Advisory 2023-6832-01 - Updated packages that include numerous enhancements and bug fixes are now available for Red Hat OpenShift Data Foundation 4.14.0 on Red Hat Enterprise Linux 9. Issues addressed include cross site scripting, denial of service, HTML injection, and out of bounds read vulnerabilities.
Red Hat Security Advisory 2023-6818-03 - An update is now available for Red Hat Satellite 6.14. The release contains a new version of Satellite and important security fixes for various components. Issues addressed include bypass, code execution, cross site scripting, denial of service, man-in-the-middle, server-side request forgery, and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-6474-01 - An update for podman is now available for Red Hat Enterprise Linux 9. Issues addressed include cross site scripting and denial of service vulnerabilities.
Red Hat Security Advisory 2023-6420-01 - An update for grafana is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass, cross site scripting, denial of service, and spoofing vulnerabilities.
Red Hat Security Advisory 2023-5009-01 - Red Hat OpenShift Container Platform release 4.14.0 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include cross site scripting, denial of service, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5007-01 - Red Hat OpenShift Container Platform release 4.14.0 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include cross site scripting and denial of service vulnerabilities.
Red Hat Security Advisory 2023-6179-01 - An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Issues addressed include bypass, code execution, cross site scripting, and denial of service vulnerabilities.
Red Hat Security Advisory 2023-6172-01 - An update for OpenShift Jenkins is now available for Red Hat Product OCP Tools 4.12. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include bypass, code execution, cross site scripting, denial of service, improper authorization, information leakage, and insecure permissions vulnerabilities.
Red Hat Security Advisory 2023-6171-01 - An update for OpenShift Jenkins is now available for Red Hat Product OCP Tools 4.11. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include bypass, code execution, cross site scripting, deserialization, information leakage, and insecure permissions vulnerabilities.
WordPress LiteSpeed Cache plugin versions 5.6 and below suffer from a persistent cross site scripting vulnerability.
Red Hat Security Advisory 2023-6031-01 - An update is now available for Cryostat 2 on RHEL 8. Issues addressed include cross site scripting and denial of service vulnerabilities.
Moodle version 4.3 suffers from a cross site scripting vulnerability.
Red Hat Security Advisory 2023-5888-01 - The Migration Toolkit for Containers 1.7.13 is now available. Issues addressed include a cross site scripting vulnerability.
2023 Mount Carmel School version 6.4.1 suffers from a cross site scripting vulnerability.
WordPress Core versions prior to 6.3.2 suffer from arbitrary shortcode execution, cross site scripting, denial of service, and information leakage vulnerabilities.
Debian Linux Security Advisory 5520-1 - Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting, denial of service or information disclosure.
Ubuntu Security Notice 6426-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
WordPress Sonaar Music plugin version 4.7 suffers from a persistent cross site scripting vulnerability.
Aicte India LMS version 3.0 suffers from a cross site scripting vulnerability.
Ubuntu Security Notice 6419-1 - Hong Phat Ly discovered that jQuery UI did not properly manage parameters from untrusted sources, which could lead to arbitrary web script or HTML code injection. A remote attacker could possibly use this issue to perform a cross-site scripting attack. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Esben Sparre Andreasen discovered that jQuery UI did not properly handle values from untrusted sources in the Datepicker widget. A remote attacker could possibly use this issue to perform a cross-site scripting attack and execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.
SAP Enable Now Manager version 10.6.5 Build 2804 Cloud Edition suffers from cross site request forgery, cross site scripting, and open redirection vulnerabilities.
openVIVA c2 suffers from a persistent cross site scripting vulnerability. Versions prior to 20220801 are affected.
WordPress Contact Form Generator plugin version 2.5.5 suffers from a cross site scripting vulnerability.
WordPress KiviCard plugin version 3.2.0 suffers from a cross site scripting vulnerability.
OPNsense versions 23.1.11_1, 23.7.3, and 23.7.4 suffer from cross site scripting vulnerabilities that can allow for privilege escalation.