CVE-2022-4021 The Permalink Manager Lite plugin is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation in versions up to 2.2.20.1.
This occurs because the plugin does not perform nonce checking, which makes it possible for attackers to submit crafted requests and perform actions such as
CVE-2022-3980 V5.0.0 - 9.7.4 Sophos Mobile on-premises has XXE SSRF and potential code execution vulnerabilities.
This vulnerability is an XML External Entity (XXE) issue. In order to exploit this issue, an attacker must be able to perform client-side request forgery
CVE-2022-4013 - Hospital Management Center’s CSRF Flaw in appointment.php Explained
A critical vulnerability, tracked as CVE-2022-4013, was discovered in the widely used Hospital Management Center software. The security issue was found in the
CVE-2022-20838 - Stored XSS in Cisco Firepower Management Center Explained
CVE-2022-20838 refers to a group of multiple stored Cross-Site Scripting (XSS) vulnerabilities found in Cisco Firepower Management Center (FMC) software. If you
CVE-2022-20835 - Deep Dive Into Cisco Firepower Management Center XSS Vulnerabilities
In July 2022, Cisco disclosed a set of critical vulnerabilities grouped under CVE-2022-20835 affecting the web-based management interface of Cisco Firepower Management