Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the ‘select-file’ parameter.
More Stories
asterisk release 20.8.1
Posted by Asterisk Development Team via Fulldisclosure on May 20 The Asterisk Development Team would like to announce security release...
asterisk release 21.3.1
Posted by Asterisk Development Team via Fulldisclosure on May 20 The Asterisk Development Team would like to announce security release...
asterisk release 18.23.1
Posted by Asterisk Development Team via Fulldisclosure on May 20 The Asterisk Development Team would like to announce security release...
CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package
Posted by Andrea Intilangelo on May 20 CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package Use...
chromium-125.0.6422.60-3.el7
FEDORA-EPEL-2024-07403ba3a8 Packages in this update: chromium-125.0.6422.60-3.el7 Update description: update to 125.0.6422.60 High CVE-2024-4947: Type Confusion in V8 High CVE-2024-4948: Use...
USN-6777-2: Linux kernel (Azure) vulnerabilities
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal,...