Riasztások
2025. Feb. 24.
NA - CVE-2025-26528 - The drag-and-drop onto image (ddimageortext)...
The drag-and-drop onto image (ddimageortext) question type required additional sanitizing to prevent a stored XSS risk.
2025. Feb. 24.
NA - CVE-2025-26529 - Description information displayed in the site...
Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk.
2025. Feb. 24.
NA - CVE-2025-26530 - The question bank filter required additional...
The question bank filter required additional sanitizing to prevent a reflected XSS risk.
2025. Feb. 24.
NA - CVE-2025-26531 - Insufficient capability checks made it possible...
Insufficient capability checks made it possible to disable badges a user does not have permission to access.
2025. Feb. 24.
NA - CVE-2025-26532 - Additional checks were required to ensure...
Additional checks were required to ensure trusttext is applied (when enabled) to glossary entries being restored.
2025. Feb. 24.
NA - CVE-2025-26533 - An SQL injection risk was identified in the...
An SQL injection risk was identified in the module list filter within course search.
2025. Feb. 24.
NA - CVE-2025-27137 - Dependency-Track is a component analysis...
Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software supply chain. Dependency-Track allows users with the `SYSTEM_CONFIGURATION`...
2025. Feb. 24.
NA - CVE-2024-57608 - An issue in Via Browser 6.1.0 allows a a remote...
An issue in Via Browser 6.1.0 allows a a remote attacker to execute arbitrary code via the mark.via.Shell component.
2025. Feb. 24.
NA - CVE-2025-27140 - WeGIA is a Web manager for charitable...
WeGIA is a Web manager for charitable institutions. An OS Command Injection vulnerability was discovered in versions prior to 3.2.15 of the WeGIA application, `importar_dump.php` endpoint. This...