Headline

GHSA-79gx-3fm8-qxqq: Microweber vulnerable to cross-site scripting (XSS)

Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the ‘select-file’ parameter. There was a patch released in the development branch but is not yet committed to the main branch.

1 year ago

ghsa

Open in Source

#xss #web #git #auth

Microweber vulnerable to cross-site scripting (XSS)

Moderate severity GitHub Reviewed Published Nov 25, 2022 • Updated Dec 2, 2022

Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the 'select-file' parameter.

1 year ago

CVE

Open in Source

#sql #xss #web #microsoft #apache #git #php #nginx #auth #mongo #postgres #ssl

ghsa: Latest News

GHSA-9h9q-qhxg-89xr: Filament has unvalidated ColorColumn and ColorEntry values that can be used for Cross-site Scripting

2 days ago

ghsa

GHSA-jg74-mwgw-v6x3: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default

3 days ago

ghsa

GHSA-h4h5-9833-v2p4: Rancher agents can be hijacked by taking over the Rancher Server URL

3 days ago

ghsa

GHSA-g54f-66mw-hv66: Agnai vulnerable to Relative Path Traversal in Image Upload

3 days ago

ghsa

GHSA-h355-hm5h-cm8h: Agnai File Disclosure Vulnerability: JSON via Path Traversal

3 days ago

ghsa

Headline

GHSA-79gx-3fm8-qxqq: Microweber vulnerable to cross-site scripting (XSS)

Related news

ghsa: Latest News