Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2023-2341: fixed xss on login page (#14975) · pimcore/pimcore@66f1089

Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21.

CVE
#xss#csrf#git#auth
CVE-2023-2342

Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21.

CVE-2023-2343: [Security] XSS in Classification Store of Data Objects module (#14933) · pimcore/pimcore@f1d9040

Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.21.

CVE-2023-2339

Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21.

CVE-2023-2328

Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21.

CVE-2023-2327: [Security] Fixed XSS in class editor using date fields (#14930) · pimcore/pimcore@fb3056a

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.

CVE-2023-2323

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.

CVE-2023-2322: Security fix in Properties Parameter (#14825) · pimcore/pimcore@9fc6748

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.

CVE-2023-28770: Zyxel security advisory for multiple vulnerabilities | Zyxel Networks

The sensitive information exposure vulnerability in the CGI “Export_Log” and the binary “zcmd” in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated attacker to read the system files and to retrieve the password of the supervisor from the encrypted file.