CVE-2022-4105 - Exploiting Stored XSS and HTML Injection in Kiwi Test Plan for Clickjacking Attacks
CVE-2022-4105 is a serious vulnerability found in Kiwi TCMS, a popular open-source test management system. Attackers can use a _stored Cross-Site Scripting (XSS)_ bug to
CVE-2022-44071 Zenario CMS 9.3.57186 is is vulnerable to Cross Site Scripting (XSS) via profile.
An attacker can trick a user into entering malicious code into the profile form via XSS. XSS is a type of malicious code that can
CVE-2022-3578 The ProfileGrid WordPress plugin before 5.1.1 is vulnerable to Reflected XSS, which could be used to steal cookies and other data.
attack where a malicious user could inject malicious script code into the website via the website’s input parameters. If you are using this plugin
CVE-2022-41874 - Tauri Filesystem Scope Bypass Explained – How Special Characters Led to a Security Glitch
Tauri is an open-source framework that lets you build lightweight, secure desktop apps using web technologies like JavaScript, HTML, and CSS. You can use Tauri
CVE-2022-36077 - How Sensitive Data Escaped Through Electron Redirects
Summary:
CVE-2022-36077 reveals a severe vulnerability in the Electron framework before versions 21..-beta.1, 20..1, 19..11, and 18.3.7. Electron, widely
Episode
00:00:00
00:00:00