CVE-2024-2220: Stored Cross-Site Scripting (XSS) Vulnerability in Button Contact VR WordPress Plugin through 4.7
The Button Contact VR WordPress plugin (versions up to and including 4.7) is found to be vulnerable to Stored Cross-Site Scripting (XSS) attacks.
CVE-2024-25737 - Exploiting SSRF and XSS in VuFind’s /Cover/Show Route
On February 2024, a critical security issue, CVE-2024-25737, was publicly disclosed. This vulnerability affects the /Cover/Show route in the popular library discovery
CVE-2024-34240 - Real World Exploitation of XSS in QDOCS Smart School 7.. Admin Panel
The education sector gets hit by security bugs like any other tech area. One recent vulnerability, CVE-2024-34240, stands out: QDOCS Smart School 7.
CVE-2024-33526 - How Stored XSS in ILIAS User Role Import Puts Admins at Risk (With Exploit Example)
Recently, a serious security vulnerability was discovered in the popular e-learning platform ILIAS. Tracked as CVE-2024-33526, this flaw affects ILIAS 7 before
CVE-2024-28063 - How to Exploit Reflected XSS in Kiteworks Totemomail `/responsiveUI/EnvelopeOpenServlet` (Through 7..)
---
CVE-2024-28063 is a critical reflected cross-site scripting (XSS) vulnerability in Kiteworks Totemomail (all versions up to 7..). It lets attackers inject JavaScript
Episode
00:00:00
00:00:00