Security
Headlines
HeadlinesLatestCVEs

Tag

#java

CVE-2022-22387: IBM Application Gateway cross-site scripting CVE-2022-22387 Vulnerability Report

IBM Application Gateway is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 221965.

CVE
Open in Source
#xss#vulnerability#web#java#ibm
CVE-2022-35722: IBM Jazz for Service Management is vulnerable to stored cross-site scripting (CVE-2022-35722)

IBM Jazz for Service Management is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 231381.

WordPress Motopress Hotel Booking Lite 4.4.2 Cross Site Scripting

Motopress Hotel Booking Lite plugin version 4.4.2 suffers from a persistent cross site scripting vulnerability.

CVE-2022-39054: 科威資訊 企業旅遊管理系統 - Reflected XSS

Cowell enterprise travel management system has insufficient filtering for special characters within web URL. An unauthenticated remote attacker can inject JavaScript and perform XSS (Reflected Cross-Site Scripting) attack.

CVE-2022-39035: 聯銓資訊科技 Smart eVision - Stored XSS

Smart eVision has insufficient filtering for special characters in the POST Data parameter in the specific function. An unauthenticated remote attacker can inject JavaScript to perform XSS (Stored Cross-Site Scripting) attack.

CVE-2022-39053: 黑快馬 Rpage – Reflected XSS

Heimavista Rpage has insufficient filtering for platform web URL. An unauthenticated remote attacker can inject JavaScript and perform XSS (Reflected Cross-Site Scripting) attack.

CVE-2022-37028: School Management Information System - iSAMS

ISAMS 22.2.3.2 is prone to stored Cross-site Scripting (XSS) attack on the title field for groups, allowing an attacker to store a JavaScript payload that will be executed when another user uses the application.

Ubuntu Security Notice USN-5642-1

Ubuntu Security Notice 5642-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Red Hat Security Advisory 2022-6700-01

Red Hat Security Advisory 2022-6700-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.