Tag
#xss
The Email Viewer in RainLoop through 1.6.0 allows XSS via a crafted email message.
Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page.
Possible cross-site scripting vulnerability in libxml after commit 960f0e2.
In zulip before 1.3.12, bot API keys were accessible to other users in the same realm.
In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in xss_clean() in class/KippoInput.class.php.
Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in the GS Plugins GS Testimonial Slider plugin <= 1.9.1 for WordPress.
An issue has been discovered in GitLab affecting all versions starting from 15.0 before 15.0.1. Missing validation of input used in quick actions allowed an attacker to exploit XSS by injecting HTML in contact details.
Loan Management System version 1.0 suffers from a persistent cross-site scripting vulnerability.
Red Hat Product Security has been developing RapiDAST, a tool that can be used for security testing of products and services. DAST stands for dynamic application (or analysis) security testing. In this article, we introduce the tool and ideas that can help you apply DAST in your software development life cycle.
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a stack-based buffer overflow on the NetBackup Primary server, resulting in a denial of service.