CVE-2022-45398 An CSRF vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics.
CSRF is a type of Hijacking where an attacker tricks another user into performing an action on the victim’s behalf by tricking the victim
CVE-2022-3893 BlueSpice Custom Menu extension can be exploited via XSS attack by an admin user.
XSS can be exploited to execute arbitrary script code in user session or obtain confidential information (CSRF). BlueSpice is currently the only confirmed XSS vulnerability
CVE-2022-35613 Konker v2.3.9 was to discovered to contain a Cross-Site Request Forgery (CSRF).
CSRF is a type of attack that occurs when a user browses to a maliciously crafted website to perform an action they would not normally
CVE-2022-43967 CMS below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS due to un-sanitized output.
XSS in the multilingual edit form is possible due to the lack of escaping of user-specified languages. This could allow for XSS injection attacks if
CVE-2022-43323 EyouCMS V1.5.9-UTF8-SP1 was found to have a CSRF vulnerability in the Top Up Balance component.
This issue can be exploited to hijack the user's session if he/she has the same email address on the site as on
Episode
00:00:00
00:00:00