CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30453
https://notcve.org/view.php?id=CVE-2023-30453
The Teamlead Reminder plugin through 2.6.5 for Jira allows persistent XSS via the message parameter. • https://marketplace.atlassian.com/apps/1217030/reminder-for-jira-follow-up-issues?tab=overview&hosting=cloud https://y-security.de/news-en/reminder-for-jira-cross-site-scripting-cve-2023-30453/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24684 – PDF Light Viewer < 1.4.12 - Authenticated Command Injection
https://notcve.org/view.php?id=CVE-2021-24684
The WordPress PDF Light Viewer Plugin WordPress plugin before 1.4.12 allows users with Author roles to execute arbitrary OS command on the server via OS Command Injection when invoking Ghostscript. El plugin PDF Light Viewer de WordPress versiones anteriores a 1.4.12, permite a usuarios con roles de autor ejecutar un comando de Sistema Operativo arbitrario en el servidor por medio de una inyección de comandos del Sistema Operativo cuando es invocado Ghostscript • https://wpscan.com/vulnerability/b5295bf9-8cf6-416e-b215-074742a5fc63 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •