CVE-2022-42119 Certain Liferay products are vulnerable to Cross Site Scripting (XSS) via the Commerce module
In some cases malicious users can inject malicious scripts into the system through the Commerce REST API. An attacker can exploit this by injecting a
CVE-2022-39385 - Discourse Private Message Leakage via Invitation Redemption
_Discovered: November 2022_
_Affected Software: Discourse (open source discussion platform)_
Introduction
Discourse is a popular open source forum platform known for hosting vibrant, secure online
CVE-2022-27896 - Information Exposure Through Log Files in Palantir Foundry Code-Workbooks
Summary:
CVE-2022-27896 points to a serious vulnerability that exposed sensitive authentication tokens in the log files of Palantir Foundry Code-Workbooks. This shortcoming potentially gave threat
CVE-2022-34316 - Exposing Web Script Injection in IBM CICS TX 11.1—Technical Deep Dive and Exploit Analysis
IBM CICS TX is important transaction-processing software, widely used in enterprise environments. In June 2022, a serious vulnerability (CVE-2022-34316) was discovered in
CVE-2022-34315 - How IBM CICS TX 11.1’s Web UI Cross-Site Scripting Flaw Could Expose Your Credentials
In the modern enterprise, IBM’s Customer Information Control System (CICS) is a critical software suite for handling massive business transactions. However, in July 2022,