CVE-2022-1755 The SVG Support WordPress plugin before 2.5 is not properly handled SVG added via an URL, which could allow users with a role as low as author to perform Cross-Site Scripting attacks.
This issue has been addressed by improved handling of SVG files through the plugin's option for user input. In order to check if
CVE-2022-38079 Cross-Site Request Forgery (CSRF) vulnerability Backup Scheduler plugin <= 1.5.13 at WordPress.
A hacker can trick your visitors into executing unwanted actions on your website by sending them requests that look like the login request but are
CVE-2022-38648 SSRF vulnerability in Batik of Apache XML Graphics allows attacker to fetch external resources.
The Apache XML Graphics Batik library is an open source library licensed under the Apache License 2.0. It provides a bridge between the needs
CVE-2022-3251 Cookie in HTTPS session without 'secure' attribute in GitHub repository ikus060/minarca before 4.2.2.
This issue has been patched in 4.2.2, Keep in mind that 4.2.2 is still in development, so not all of the
CVE-2022-36108 TYPO3 is an open source PHP web content management system. The f:asset.css view helper is vulnerable to cross-site scripting when user input is passed as variables.
When updating, be sure to check the version of TYPO3 installed on the server and don’t forget to restart all running services. If you
Episode
00:00:00
00:00:00