|
312191
|
5.4 |
MEDIUM
Network
|
haloservicesolutions
|
haloitsm
|
HaloITSM versions up to 2.146.1 are affected by a Stored Cross-Site Scripting (XSS) vulnerability. The injected JavaScript code can execute arbitrary action on behalf of the user accessing a ticket. …
|
CWE-79
Cross-site Scripting
|
CVE-2024-6200
|
2024-08-30 02:53 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312192
|
5.3 |
MEDIUM
Network
|
haloservicesolutions
|
haloitsm
|
HaloITSM versions up to 2.146.1 are affected by a Template Injection vulnerability within the engine used to generate emails. This can lead to the leakage of potentially sensitive information. HaloIT…
|
NVD-CWE-Other
|
CVE-2024-6201
|
2024-08-30 02:52 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312193
|
9.8 |
CRITICAL
Network
|
haloservicesolutions
|
haloitsm
|
HaloITSM versions up to 2.146.1 are affected by a SAML XML Signature Wrapping (XSW) vulnerability. When having a SAML integration configured, anonymous actors could impersonate arbitrary HaloITSM use…
|
CWE-863
Incorrect Authorization
|
CVE-2024-6202
|
2024-08-30 02:48 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312194
|
8.1 |
HIGH
Network
|
haloservicesolutions
|
haloitsm
|
HaloITSM versions up to 2.146.1 are affected by a Password Reset Poisoning vulnerability. Poisoned password reset links can be sent to existing HaloITSM users (given their email address is known). Wh…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2024-6203
|
2024-08-30 02:46 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312195
|
6.1 |
MEDIUM
Network
|
mozilla
|
firefox
firefox_esr
|
Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker a…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7524
|
2024-08-30 02:35 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312196
|
6.1 |
MEDIUM
Network
|
insurance_management_system_project
|
insurance_management_system
|
A vulnerability has been found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file editCl…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8208
|
2024-08-30 02:27 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312197
|
6.1 |
MEDIUM
Network
|
insurance_management_system_project
|
insurance_management_system
|
A vulnerability was found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file addClient.php. Th…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8209
|
2024-08-30 02:23 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312198
|
4.3 |
MEDIUM
Network
|
ibm
|
infosphere_information_server
|
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be use…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-39751
|
2024-08-30 01:56 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312199
|
6.1 |
MEDIUM
Network
|
mozilla
|
firefox
|
Long pressing on a download link could potentially allow Javascript commands to be executed within the browser This vulnerability affects Firefox for iOS < 129.
|
CWE-79
Cross-site Scripting
|
CVE-2024-43111
|
2024-08-30 01:53 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312200
|
6.1 |
MEDIUM
Network
|
mozilla
|
firefox
|
The contextual menu for links could provide an opportunity for cross-site scripting attacks This vulnerability affects Firefox for iOS < 129.
|
CWE-79
Cross-site Scripting
|
CVE-2024-43113
|
2024-08-30 01:51 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
