Show filters
610 Total Results
Displaying 11-20 of 610
Sort by:
Attacker Value
Unknown
CVE-2024-27187
Disclosure Date: August 20, 2024 (last updated August 21, 2024)
Improper Access Controls allows backend users to overwrite their username when disallowed.
0
Attacker Value
Unknown
CVE-2024-27186
Disclosure Date: August 20, 2024 (last updated August 21, 2024)
The mail template feature lacks an escaping mechanism, causing XSS vectors in multiple extensions.
0
Attacker Value
Unknown
CVE-2024-27185
Disclosure Date: August 20, 2024 (last updated August 21, 2024)
The pagination class includes arbitrary parameters in links, leading to cache poisoning attack vectors.
0
Attacker Value
Unknown
CVE-2024-27184
Disclosure Date: August 20, 2024 (last updated August 21, 2024)
Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not..
0
Attacker Value
Unknown
CVE-2024-26279
Disclosure Date: July 09, 2024 (last updated July 20, 2024)
The wrapper extensions do not correctly validate inputs, leading to XSS vectors.
0
Attacker Value
Unknown
CVE-2024-26278
Disclosure Date: July 09, 2024 (last updated July 20, 2024)
The Custom Fields component not correctly filter inputs, leading to a XSS vector.
0
Attacker Value
Unknown
CVE-2024-21731
Disclosure Date: July 09, 2024 (last updated August 17, 2024)
Improper handling of input could lead to an XSS vector in the StringHelper::truncate method.
0
Attacker Value
Unknown
CVE-2024-21730
Disclosure Date: July 09, 2024 (last updated August 17, 2024)
The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector.
0
Attacker Value
Unknown
CVE-2024-21729
Disclosure Date: July 09, 2024 (last updated August 17, 2024)
Inadequate input validation leads to XSS vulnerabilities in the accessiblemedia field.
0
Attacker Value
Unknown
CVE-2024-21726
Disclosure Date: February 29, 2024 (last updated February 29, 2024)
Inadequate content filtering leads to XSS vulnerabilities in various components.
0
