CVE-2022-38402 Adobe InCopy versions 17.3 and earlier are vulnerable to a Heap-based Buffer Overflow that could give remote code execution to the user who runs the affected application.
In the majority of cases, InCopy will close the file before the user has a chance to open it. This prevents InCopy from being exploited.
CVE-2022-38401 Adobe InCopy versions 17.3 and earlier are vulnerable to a Heap-based Buffer Overflow that could give remote code execution to the user who runs the affected application.
In the majority of cases, InCopy will close the file before the user has a chance to open it. This prevents InCopy from being exploited.
CVE-2022-37775 Genesys PureConnect Interaction Web Tools Chat Service has XSS in the Printable Chat History via the participant -> name JSON POST parameter.
This injection can be used to issue an XSS attack against the system's users or against other systems if the users are logged in to
CVE-2022-2799 The Affiliates Manager WordPress plugin before 2.9.14 has unsafe settings that allow attackers to perform Cross-Site Scripting attacks.
Plugin writers are encouraged to review the settings they have access to, to make sure they are only accessible to the WordPress roles that they
CVE-2022-38305 AeroCMS v0.0.1 had an arbitrary file upload vulnerability in the /admin/profile.php component.
To exploit this issue, an attacker must trick a user into uploading a file and then access the file via an HTTP request.
AeroCMS v0.