![]() ![]() ![]() ![]() This could allow a remote attacker to load arbitrary JavaScript code. Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. The associated identifier of this vulnerability is VDB-243131. The exploit has been disclosed to the public and may be used. The manipulation of the argument email leads to sql injection. This issue affects some unknown processing of the file pages_reset_pwd.php. The identifier VDB-243133 was assigned to this vulnerability.Ī vulnerability was found in CodeAstro Internet Banking System 1.0 and classified as critical. The manipulation of the argument email with the input testing%'%26%25alert(9860) leads to cross site scripting. Affected by this vulnerability is an unknown functionality of the file pages_reset_pwd.php. This issue affects Proofpoint Enterprise Protection: from 8.20.0 before patch 4796, from 8.18.6 before patch 4795 and all other prior versions.Ī vulnerability was found in CodeAstro Internet Banking System 1.0. An unauthenticated attacker can send a specially crafted email with HTML in the subject which triggers XSS when viewing quarantined messages. Proofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |