CVE-2022-34988: CVE-nu11secur1ty/vendors/Inout-Blockchain-AltExchanger/2022/Cross-site-scripting-DOM-based-IG-js at main · nu11secur1ty/CVE-nu11secur1ty

Inout Blockchain AltExchanger v1.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/js.

Description:

Inout Blockchain AltExchanger (version 1.2.1) is vulnerable to DOM-based cross-site scripting that allows information gathering on all JavaScript files, that is, the whole architecture under the /js inode. An attacker can easily collect all information about the JS infrastructure and use it for dangerous purposes. If this were in production, the situation could be a little dangerous!

STATUS:

Severity:   High
Confidence: Tentative

Conclusion:

Improper sanitization of the admin inode.

PoC:

href
