CVE-2022-40604 Airflow URL had a formatting issue, allowing for information extraction.
The following flow was not escaping all text within it, allowing for cross-site scripting (XSS) attacks. `<a href="<%= request.getPathName() %>">`
CVE-2022-40754 The webserver's `/confirm` endpoint had an open redirect.
This would redirect a user to their email if they had requested a confirmation link. This was fixed in 2.3.5. Upgrading to 2.
CVE-2022-35957 Grafana is an open-source platform for monitoring and observability
There is a critical vulnerability in all versions of Grafana from 8.5.13 to 9.1.6 that can be exploited by an anonymous
CVE-2022-33735 There is a password verification vulnerability in WS7200-10 11.0.2.13
There is a cross-site scripting (XSS) vulnerability in WS7200-10 11.0.2.13. An attacker can inject malicious code into the Web page, which may
CVE-2022-35196 TestLink v1.9.20 had a CSRF vulnerability in plan/planView.php.
This issue was resolved by updating to version 1.9.21 or higher. Inspect the application URL to determine if you are running an outdated