CVE-2022-3519 An unknown function of the component Quote Requests Tab is affected by a vulnerability.
According to Cisco advisory, Quote Requests Tab allows creating comments on quotes and could be exploited to inject malicious code. The exploitation of this vulnerability
CVE-2022-37599 A ReDoS flaw was found in Function interpolateName in webpack loader-utils 2.0.0 via the resourcePath variable.
A remote attacker could leverage this vulnerability to cause a denial of service (DoS) condition on a targeted system by injecting malicious JavaScript code into
CVE-2022-40248 An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4
An attacker can inject arbitrary HTML, script, or CSS into the "Product Affected" form field. This can lead to the disclosure of confidential
CVE-2022-3438 Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
This is a known issue and has been fixed with the v2.5.0a5 release. We recommend using the latest version of Redirect. If you
CVE-2022-2861 The Extensions API in Google Chrome prior to 104.0.5112.101 allowed attackers to inject scripts into WebUI.
An attacker could use this to inject content into WebUI, such as a phishing form, or execute arbitrary code. Google Chrome prior to 105.0.
Episode
00:00:00
00:00:00