Navigate CMS 2.9 allows XSS via the Alias or Real URL field of the "Web Sites > Create > Aliases > Add" …
CMS Made Simple 2.2.14 allows XSS via a Search Term to the admin/moduleinterface.php?mact=ModuleManager …
A reflected cross-site scripting (XSS) vulnerability in Dolibarr 11.0.3 allows remote attackers to inject arbitrary web script or HTML into …
In Octopus Deploy 2018.8.0 through 2019.x before 2019.12.2, an authenticated user with could trigger a deployment that leaks the Helm Chart …
Strapi before 3.0.2 could allow a remote authenticated attacker to bypass security restrictions because templates are stored in a global …
An issue was discovered in Mattermost Server before 5.7. It allows a bypass of e-mail address discovery …
An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It mishandles permissions for user-access token …
An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It allows attackers to cause a denial of service (memory …
An issue was discovered in Mattermost Server before 5.7.1, 5.6.4, 5.5.3, and 4.10.6. It does not honor flags API permissions when deciding …
An issue was discovered in Mattermost Server before 5.8.0. The first user is sometimes inadvertently a system …
An issue was discovered in Mattermost Server before 5.8.0. It does not always generate a robots.txt …
An issue was discovered in Mattermost Server before 5.8.0. It allows attackers to partially attach a file to more than one …
●●●
NVD
EXPLOITS
SECURELIST