CVE-2022-40248 An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4
An attacker can inject arbitrary HTML, script, or CSS into the "Product Affected" form field. This can lead to the disclosure of confidential
CVE-2022-3438 Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
This is a known issue and has been fixed with the v2.5.0a5 release. We recommend using the latest version of Redirect. If you
CVE-2022-2861 The Extensions API in Google Chrome prior to 104.0.5112.101 allowed attackers to inject scripts into WebUI.
An attacker could use this to inject content into WebUI, such as a phishing form, or execute arbitrary code. Google Chrome prior to 105.0.
CVE-2022-1755 The SVG Support WordPress plugin before 2.5 is not properly handled SVG added via an URL, which could allow users with a role as low as author to perform Cross-Site Scripting attacks.
This issue has been addressed by improved handling of SVG files through the plugin's option for user input. In order to check if
CVE-2022-38079 Cross-Site Request Forgery (CSRF) vulnerability Backup Scheduler plugin <= 1.5.13 at WordPress.
A hacker can trick your visitors into executing unwanted actions on your website by sending them requests that look like the login request but are
Episode
00:00:00
00:00:00