For individuals

A cross-site scripting (xss) vulnerability exists in the add_alert_check page of Observium CE 24.4.13528. A specially crafted HTTP request can lead to a arbitrary javascript code execution. An...

Missing Authorization vulnerability in Poll Maker Team Poll Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through 5.5.6.

A “Use of a Broken or Risky Cryptographic Algorithm” vulnerability in the SSL/TLS component used in B&R Automation Runtime versions before 6.1 and B&R mapp View versions before 6.1 may be abused by...

Mattermost versions 10.2.x

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in galleryape Photo Gallery – Image Gallery by Ape allows Reflected XSS.This issue...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AGILELOGIX Free Google Maps allows Stored XSS.This issue affects Free Google Maps:...

Server-Side Request Forgery (SSRF) vulnerability in Faizaan Gagan Course Migration for LearnDash allows Server Side Request Forgery.This issue affects Course Migration for LearnDash: from 1.0.2...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NCiphers SEO Bulk Editor allows Stored XSS.This issue affects SEO Bulk Editor: from...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MojofyWP Product Carousel For WooCommerce – WoorouSell allows Stored XSS.This issue...

Missing Authorization vulnerability in Infomaniak Staff VOD Infomaniak allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VOD Infomaniak: from n/a through...