CVE-2022-44387 EyouCMS V1.5.9-UTF8-SP1 had a CSRF vulnerability in the Basic Information component of the Edit Member module.
An attacker could exploit this issue to force the user to login via CSRF if they have access to the backend system. In certain cases,
CVE-2022-43692 Reflected XSS can be exploited by a user if the targeted administrator is using an older browser that lacks XSS protection.
If you are running a version before 8.5.10 and are using a browser that supports XSS protection you must update to a version
CVE-2022-43693 - Concrete CMS CSRF Flaw in Core OAuth – How Attackers Can Hijack Your Login
Concrete CMS is a popular open-source content management system powering many government and enterprise websites. In late 2022, a worrying vulnerability — now tracked as CVE-2022-43693
CVE-2022-3632 - How Missing CSRF Checks in OAuth Client by DigitalPixies Expose Your WordPress Site
Security flaws in WordPress plugins can give hackers an opening to bypass protections and mess with your website. One such flaw—CVE-2022-3632—affects the OAuth
CVE-2022-3477 The tagDiv Composer WordPress plugin before 3.5, required by the Newspaper and Newsmag WordPress themes, doesn't properly implement Facebook login, which allows attackers to login as any use.
This issue was addressed by Facebook in its security update on April 18th, 2018. More details on this issue can be found in the linked
Episode
00:00:00
00:00:00