CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
Stored xss in showdoc through file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Cross-site Scripting (XSS) - Stored in GitHub repository autolab/autolab prior to 2.8.0.
Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97.
Jboss_core_services, Enterprise_linux, Jboss_enterprise_application_platform, Enterprise_linux_server, Jboss_amq_clients_2, Openstack, Virtualization, Virtualization_host, Single_sign-on, Openshift_container_platform
2023-02-12
N/A
7.5 HIGH
A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service.
Improper Authorization in GitHub repository saleor/saleor prior to 3.1.2.
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
XSS on dynamic_text module in GitHub repository microweber/microweber prior to 1.2.11.
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.12.
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.