CVE-2024-25202 - How a Simple XSS in PHPGurukul User Registration & Login Let Hackers Run Rogue Code
Discovered: Early 2024
Component: PHPGurukul User Registration & Login and User Management System *v1.*
Vulnerability Type: Cross-Site Scripting (XSS)
CVE: CVE-2024-25202
Introduction
In February 2024,
CVE-2024-27103 - XSS in Querybook Search, How Hackers Could Steal Your Data
In February 2024, security researchers publicly disclosed CVE-2024-27103, a serious Cross-Site Scripting (XSS) vulnerability in Querybook, the open-source UI for Big Data querying and collaboration.
CVE-2024-1636 - Potential Cross-Site Scripting (XSS) in Page Editing Areas — Exclusive Deep Dive & Exploit Example
CVE-2024-1636 is a recently disclosed security vulnerability affecting the page editing interface in popular content management systems (CMS), including (but not limited to) certain versions
CVE-2024-26300 - Exploiting Aruba ClearPass Guest XSS for Privilege Escalation
In February 2024, security researchers uncovered a critical vulnerability (CVE-2024-26300) in Aruba’s ClearPass Policy Manager. This bug centers around stored cross-site scripting (XSS) within
CVE-2024-26542 - Cross Site Scripting (XSS) in Bonitasoft up to 7.14—How Attackers Exploit Groups Display Name
CVE-2024-26542 is a freshly-identified Cross Site Scripting (XSS) bug affecting Bonitasoft, S.A’s process management platform. This security hole exists in versions up to
Episode
00:00:00
00:00:00