Union Pay up to 1.2.0, for web based versions contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability, allows attackers to shop for free in…

Redmine before 3.4.13 and 4.x before 4.0.6 mishandles markup data during Textile formatting. Devamını Oku

Redmine before 4.0.7 and 4.1.x before 4.1.1 has XSS via the back_url field. Devamını Oku

Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links. Devamını Oku

Redmine before 4.0.7 and 4.1.x before 4.1.1 allows attackers to discover the subject of a non-visible issue by performing a CSV export and reading time…

Redmine before 3.4.13 and 4.x before 4.0.6 mishandles markup data during Textile formatting. Devamını Oku

Redmine before 4.0.7 and 4.1.x before 4.1.1 has XSS via the back_url field. Devamını Oku

Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links. Devamını Oku

Redmine before 4.0.7 and 4.1.x before 4.1.1 allows attackers to discover the subject of a non-visible issue by performing a CSV export and reading time…

WSO2 Management Console through 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter. Devamını Oku