In LetterPress plugin <= 1.2.1 is vulnerable to Html Injection Vulnerability which can futher leads to Open Redirection Vulnerabilty.
-
Updated
Jan 30, 2024
In LetterPress plugin <= 1.2.1 is vulnerable to Html Injection Vulnerability which can futher leads to Open Redirection Vulnerabilty.
CVE-2019-10092: Limited Cross-Site Scripting via "Proxy Error" Page in Apache HTTP Server
CVE-2023-51518: Preauthenticated Java Deserialization via JMX in Apache James
CVE-2021-42562: Improper Access Control in MITRE Caldera
Sherlock and Watson exploit check against Windows Exploit Suggester NG (WesNG)
CVE-2020-8249: Buffer Overflow in Pulse Secure VPN Linux Client
CVE-2020-12625: Cross-Site Scripting via Malicious HTML Attachment in Roundcube Webmail
In LetterPress plugin <= 1.2.1 is vulnerable to Cookie Stealing Vulnerability. An attacker can able to steal the cookies by injecting the JavaScript code.
CVE-2020-8250: Privilege Escalation via Command Injection in Pulse Secure VPN Linux Client
Search for vulnerabilites in software or hardware and grab actionable CVE information.
CVE-2022-20818: Local Privilege Escalation via Partial File Read in Cisco SD-WAN
Easy alerting of published vulnerabilities in the Red Hat Security Data API.
CVE-2022-24442: FreeMarker Server-Side Template Injection in JetBrains YouTrack
CVE-2021-46365: Unsafe XML Parsing in Magnolia CMS
CVE-2020-13965: Cross-Site Scripting via Malicious XML Attachment in Roundcube Webmail
CVE-2020-8248: Privilege Escalation via Zip Wildcard Exploit in Pulse Secure VPN Linux Client
Add a description, image, and links to the cves topic page so that developers can more easily learn about it.
To associate your repository with the cves topic, visit your repo's landing page and select "manage topics."