Erxes, an experience operating system (XOS) with a set of plugins, is vulnerable to cross-site scripting in versions 0.22.3 and prior. This results in client-side…

Countly, a product analytics solution, is vulnerable to cross-site scripting prior to version 21.11 of the community edition. The victim must follow a malicious link…

Mind-elixir is a free, open source mind map core. Prior to version 0.18.1, mind-elixir is prone to cross-site scripting when handling untrusted menus. This issue…

jQuery MiniColors is a color picker built on jQuery. Prior to version 2.3.6, jQuery MiniColors is prone to cross-site scripting when handling untrusted color names.…

Gnuboard 5.5.4 and 5.5.5 is vulnerable to Insecure Permissions. An attacker can change password of all users without knowing victim’s original password. Zafiyet ile ilgili…

Prototype Pollution in Visioweb.js 1.10.6 allows attackers to execute XSS on the client system. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku…

A vulnerability has been found in rtcwcoop 1.0.2 and classified as problematic. Affected by this vulnerability is the function AICast_ScriptLoad of the file code/game/ai_cast_script.c of…

Octobox is software for managing GitHub notifications. Prior to pull request (PR) 2807, a user of the system can provide a specifically crafted search query…

HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior, a malicious guest can trigger a vulnerability in the…

A vulnerability was found in meta4creations Post Duplicator Plugin 2.18. It has been classified as problematic. Affected is the function mtphr_post_duplicator_notice of the file includes/notices.php.…