#php

The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user-submitted-content’ parameter in versions up to, and including, 20230809 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.8.0.

Red Hat Security Advisory 2023-4625-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.

BookingWizz version 6.0.1 suffers from an information leakage vulnerability.

DBCInfoTech CMS version 2.0 suffers from an unauthenticated administrator reinstall vulnerability.

Education Time Indonesian School CRM version 1.7 suffers from a cross site scripting vulnerability.

Eden CMS version 1.02 suffers from a cross site scripting vulnerability.

Ecommerce Responsive version 1.2 suffers from an insecure direct object reference vulnerability.

E-Biz CMS version 2.0 suffers from a cross site request forgery vulnerability.

EasyPX CMS version 06.02.04 suffers from a cross site scripting vulnerability.