Show filters
12 Total Results
Displaying 11-12 of 12
Sort by:
Attacker Value
Unknown
CVE-2019-13493
Disclosure Date: July 17, 2019 (last updated November 27, 2024)
In Sitecore 9.0 rev 171002, Persistent XSS exists in the Media Library and File Manager. An authenticated unprivileged user can modify the uploaded file extension parameter to inject arbitrary JavaScript.
0
Attacker Value
Unknown
CVE-2019-20388
Disclosure Date: April 19, 2019 (last updated February 21, 2025)
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
0
