7 results (0.038 seconds)

CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 1

Cross-Site Request Forgery (CSRF) in GitHub repository yourls/yourls prior to 1.8.3. Una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) en el repositorio de GitHub yourls/yourls versiones anteriores a 1.8.3 • https://github.com/yourls/yourls/commit/1de256d8694b0ec7d4df2ac1d5976d4055e09d59 https://huntr.dev/bounties/d01f0726-1a0f-4575-ae17-4b5319b11c29 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

yourls is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') yourls es vulnerable a la Neutralización Inapropiada de la Entrada durante la Generación de la Página Web ("Cross-site Scripting") • https://github.com/yourls/yourls/commit/1d8e224ebabb8a4c75b97f026950ed710faab0ff https://huntr.dev/bounties/b4085d13-54fa-4419-a2ce-1d780cc31638 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0

yourls is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') yourls es vulnerable a una Neutralización Inapropiada de la Entrada durante la Generación de la Página Web ("Cross-site Scripting") • https://github.com/yourls/yourls/commit/94f6bab91182142c96ff11f481585b445449efd4 https://huntr.dev/bounties/b688e553-d0d9-4ddf-95a3-ff4b78004984 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

yourls is vulnerable to Improper Restriction of Rendered UI Layers or Frames yourls es vulnerable a una Restricción Inapropiada de Capas o Marcos de Interfaz de Usuario Renderizados • https://github.com/yourls/yourls/commit/0a70acdcfb5fcbc63dbc5750018d608288eba3fe https://huntr.dev/bounties/dd2e2dbe-efe5-49ec-be11-7a7e7c41debd • CWE-352: Cross-Site Request Forgery (CSRF) CWE-1021: Improper Restriction of Rendered UI Layers or Frames •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

Multiple Stored Cross Site Scripting (XSS) vulnerabilities exist in the YOURLS Admin Panel, Versions 1.5 - 1.7.10. An authenticated user must modify a PHP plugin with a malicious payload and upload it, resulting in multiple stored XSS issues. Se presentan múltiples vulnerabilidades de tipo Cross Site Scripting (XSS) almacenado en el YOURLS Admin Panel, versiones 1.5 - 1.7.10. Un usuario autenticado debe modificar un plugin PHP con una carga útil maliciosa y cargarlo, resultando en múltiples problemas de tipo XSS almacenado • http://yourls.com https://github.com/YOURLS/YOURLS/pull/2761 https://johnjhacking.com/blog/cve-2020-27388 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •