Tag
#webkit
Adapt CMS version 3.0.3 suffers from persistent cross site scripting and remote shell upload vulnerabilities.
XoopsCore25 version 2.5.11 suffers from a cross site scripting vulnerability.
Ubuntu Security Notice 6631-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
Complaint Management System version 2.0 suffers from multiple remote SQL injection vulnerabilities.
Debian Linux Security Advisory 5618-1 - Vulnerabilities have been discovered in the WebKitGTK web engine. An anonymous researcher discovered that a maliciously crafted webpage may be able to fingerprint the user. Wangtaiyu discovered that processing web content may lead to arbitrary code execution. Apple discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.
For their part, the U.S. did roll out new restrictions on the visas of any foreign individuals who misuse commercial spyware.
SISQUAL WFM version 7.1.319.103 suffers from a host header injection vulnerability.
Apple Security Advisory 02-02-2024-1 - visionOS 1.0.2 addresses a code execution vulnerability.
Gym Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Original credit for this finding goes to Jyotsna Adhana in October of 2020 but uses a different vector of attack for this software version.
WhatsUp Gold 2022 version 22.1.0 Build 39 suffers from a persistent cross site scripting vulnerability.