CVE-2022-45393 An CSRF vulnerability in the Delete log Plugin 1.0 and earlier allows attackers to delete build logs.
CSRF, or cross-site request forgery, is a type of malicious attack in which an imposter site persuades a victim’s Web browser or computer to
CVE-2022-3893 BlueSpice Custom Menu extension can be exploited via XSS attack by an admin user.
XSS can be exploited to execute arbitrary script code in user session or obtain confidential information (CSRF). BlueSpice is currently the only confirmed XSS vulnerability
CVE-2022-35613 Konker v2.3.9 was to discovered to contain a Cross-Site Request Forgery (CSRF).
CSRF is a type of attack that occurs when a user browses to a maliciously crafted website to perform an action they would not normally
CVE-2022-43967 CMS below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS due to un-sanitized output.
XSS in the multilingual edit form is possible due to the lack of escaping of user-specified languages. This could allow for XSS injection attacks if
CVE-2022-44387 EyouCMS V1.5.9-UTF8-SP1 had a CSRF vulnerability in the Basic Information component of the Edit Member module.
An attacker could exploit this issue to force the user to login via CSRF if they have access to the backend system. In certain cases,
Episode
00:00:00
00:00:00