Page 6 of 85 results (0.007 seconds)

CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 1

Prior to microweber/microweber v1.2.20, due to improper neutralization of input, an attacker can steal tokens to perform cross-site request forgery, fetch contents from same-site and redirect a user. Microweber/microweber versiones anteriores a v1.2.20, debido a una neutralización inapropiada de la entrada, un atacante puede robar tokens para llevar a cabo un ataque de tipo cross-site request forgery, conseguir contenidos del mismo sitio y redirigir a un usuario • https://github.com/microweber/microweber/commit/79c6914bab8c9da07ac950fda17648d08c68b130 https://huntr.dev/bounties/7782c095-9e8c-48b0-a7f5-3a8f52e8af52 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 1

Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.19. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Almacenado en el repositorio de GitHub microweber/microweber versiones anteriores a 1.2.19 • https://github.com/microweber/microweber/commit/70b46e231e7b2c113666745a0ab6de9a8b7ef08e https://huntr.dev/bounties/882d6cf9-64f5-4614-a873-a3030473c817 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.19. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Almacenado en el repositorio de GitHub microweber/microweber versiones anteriores a 1.2.19 • https://github.com/microweber/microweber/commit/9ebbb4dd35da74025ab6965f722829a7f8f86566 https://huntr.dev/bounties/22561bfd-a28f-474e-9bfd-7263c1b71133 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

Open Redirect in GitHub repository microweber/microweber prior to 1.2.19. Un Redireccionamiento Abierto en el repositorio de GitHub microweber/microweber versiones anteriores a 1.2.19 • https://github.com/microweber/microweber/commit/187e949daf7dea6f10b80da70988f0f86444eeff https://huntr.dev/bounties/4d394bcc-a000-4f96-8cd2-8c565e1347e8 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.18. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Reflejo en el repositorio de GitHub microweber/microweber versiones anteriores a 1.2.18 • https://github.com/microweber/microweber/commit/c51285f791e48e536111cd57a9544ccbf7f33961 https://huntr.dev/bounties/ac68e3fc-8cf1-4a62-90ee-95c4b2bad607 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •