Page 2 of 8 results (0.003 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection. El plugin Knock Knock versiones anteriores a 1.2.8 para Craft CMS, permite una redirección maliciosa. • https://github.com/verbb/knock-knock/blob/craft-3/CHANGELOG.md • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action. Se detectó un problema en el plugin Image Resizer versiones anteriores a 2.0.9 para Craft CMS. Presenta problemas de tipo CSRF con la acción del controlador log-clear. • https://github.com/verbb/image-resizer/blob/craft-3/CHANGELOG.md • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There is stored XSS in the Bulk Resize action. Se detectó un problema en el plugin Image Resizer versiones anteriores a 2.0.9 para Craft CMS. Presenta una vulnerabilidad de tipo XSS almacenado en la acción Bulk Resize. • https://github.com/verbb/image-resizer/blob/craft-3/CHANGELOG.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •