Tag

#xss

CVE-2023-30223: Packet Storm

A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions.

QuickJob Portal 6.1 Cross Site Scripting

QuickJob Portal version 6.1 suffers from a cross site scripting vulnerability.

Quicklancer Freelance Marketplace 2.4 Cross Site Scripting

Quicklancer Freelance Marketplace version 2.4 suffers from a cross site scripting vulnerability.

QuickHomes Real Estate CMS 1.3 Cross Site Scripting

QuickHomes Real Estate CMS version 1.3 suffers from a cross site scripting vulnerability.

Red Hat Security Advisory 2023-3642-01

Red Hat Security Advisory 2023-3642-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. This new container image is based on Red Hat Ceph Storage 6.1 and Red Hat Enterprise Linux 9. Issues addressed include bypass, cross site scripting, denial of service, information leakage, spoofing, and traversal vulnerabilities.

Red Hat Security Advisory 2023-3623-01

Red Hat Security Advisory 2023-3623-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. These new packages include numerous enhancements and bug fixes. Issues addressed include cross site scripting and denial of service vulnerabilities.

Red Hat Security Advisory 2023-3610-01

Red Hat Security Advisory 2023-3610-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, code execution, cross site request forgery, cross site scripting, denial of service, memory exhaustion, and resource exhaustion vulnerabilities.

CVE-2023-30453: Reminder for Jira - Follow Up Issues | Atlassian Marketplace

The Teamlead Reminder plugin through 2.6.5 for Jira allows persistent XSS via the message parameter.

GHSA-f4m6-x2xj-jc7w: ke_search (aka Faceted Search) vulnerable to Cross-Site Scripting

The ke_search (aka Faceted Search) extension before 4.0.3, 4.1.x through 4.6.x before 4.6.6, and 5.x before 5.0.2 for TYPO3 allows XSS via indexed data.

CVE-2023-35783: Cross-Site Scripting in extension "Faceted Search" (ke_search)

The ke_search (aka Faceted Search) extension before 4.0.3, 4.1.x through 4.6.x before 4.6.6, and 5.x before 5.0.2 for TYPO3 allows XSS via indexed data.