CVE-2022-34305 Tomcat versions 10.1.0 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 do not filter user provided data, which exposes a XSS vulnerability.
This has been fixed in these versions. Apache Tomcat 9.0.0-M1, 8.5.0-8, 8.0.18, 7.x versions and earlier are vulnerable.
CVE-2022-23072 V1.0.5 to 1.2.5 are vulnerable to stored XSS in "Add to Cart" functionality.
In version 1.3.0, this issue was fixed. Add to Cart functionality was also fixed in version 1.2.5. Add to Cart functionality
CVE-2022-21503 Vulnerability in Oracle Cloud Infrastructure product allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure.
CVE-2022-21585 is also known as Cloud Control ‐ Cloud Control is an application that provides organizations with a centralized view of their cloud resources. It provides
CVE-2022-31757 The setting module has a vulnerability of improper use of APIs
In order to exploit this vulnerability, an attacker must be able to convince an authenticated user to visit a specially crafted website.
It has been
CVE-2022-22576 An authentication vulnerability in curl 7.33 to 7.82 might allow attackers to reuse OAuth2-authenticated connections.
A malicious or compromised remote server could send an authorised request to the client computer with the same credentials as were used for the initial
Episode
00:00:00
00:00:00