CVE-2022-27894 - Critical XSS Vulnerability in The Foundry’s Blobster Service – Analysis, Exploit, and Fix
CVE ID: CVE-2022-27894
Product: Blobster (The Foundry)
Vulnerability Type: Cross-Site Scripting (XSS)
Patched In: Blobster 3.228.
Disclosure: Public
Severity: High
Introduction
In March 2022,
CVE-2022-3721 - Code Injection in Froxlor Before .10.39—What You Need To Know
CVE-2022-3721 is a severe vulnerability found in the Froxlor web hosting management panel, affecting versions before .10.39. If you run your server using Froxlor,
CVE-2022-38710 - Exposing Sensitive Version Details in IBM Robotic Process Automation
In 2022, a security vulnerability was found in IBM Robotic Process Automation (RPA) versions 21..1 and 21..2. This issue, tracked as CVE-2022-38710 and
CVE-2022-42744 - How a Simple entriesPerPage Parameter Exposed CandidATS 3.. to SQL Injection and Unrestricted Database Operations
In the world of recruitment software, security doesn’t always get the spotlight it deserves. CandidATS—an open-source applicant tracking system—made headlines after the
CVE-2022-42748 - XSS in CandidATS 3.. lets Attackers Steal User Cookies via ‘sortDirection’
In November 2022, a vulnerability (CVE-2022-42748) was identified in CandidATS version 3.. – a popular open-source applicant tracking system. This bug lets external attackers craft malicious