CVE-2024-2220: Stored Cross-Site Scripting (XSS) Vulnerability in Button Contact VR WordPress Plugin through 4.7
The Button Contact VR WordPress plugin (versions up to and including 4.7) is found to be vulnerable to Stored Cross-Site Scripting (XSS) attacks. This
CVE-2024-25737 - Exploiting SSRF and XSS in VuFind’s /Cover/Show Route
On February 2024, a critical security issue, CVE-2024-25737, was publicly disclosed. This vulnerability affects the /Cover/Show route in the popular library discovery platform, VuFind.
CVE-2024-34240 - Real World Exploitation of XSS in QDOCS Smart School 7.. Admin Panel
The education sector gets hit by security bugs like any other tech area. One recent vulnerability, CVE-2024-34240, stands out: QDOCS Smart School 7.. suffers from
CVE-2024-33526 - How Stored XSS in ILIAS User Role Import Puts Admins at Risk (With Exploit Example)
Recently, a serious security vulnerability was discovered in the popular e-learning platform ILIAS. Tracked as CVE-2024-33526, this flaw affects ILIAS 7 before 7.30 and
CVE-2024-28063 - How to Exploit Reflected XSS in Kiteworks Totemomail `/responsiveUI/EnvelopeOpenServlet` (Through 7..)
---
CVE-2024-28063 is a critical reflected cross-site scripting (XSS) vulnerability in Kiteworks Totemomail (all versions up to 7..). It lets attackers inject JavaScript via /responsiveUI/
Episode
00:00:00
00:00:00