Search CVE reports


Toggle filters

1 – 5 of 5 results


CVE-2015-1564

Medium priority
Vulnerable

Cross-site scripting (XSS) vulnerability in style-underground/search in Plain Black WebGUI 7.10.29 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search field.

1 affected package

webgui

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
webgui Not in release Not in release Not in release Not in release Vulnerable
Show less packages

CVE-2010-4209

Medium priority
Needs evaluation

Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.8.1, as used in Bugzilla 3.7.1 through 3.7.3 and 4.1, allows remote attackers to inject arbitrary web script or HTML via vectors...

7 affected packages

jifty, loggerhead, moodle, otrs2, serendipity...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
jifty Not in release Not in release Not in release Not in release Not in release
loggerhead Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
moodle Not in release Not in release Not in release Not affected Not affected
otrs2 Not in release Not affected Not affected Not affected Not affected
serendipity Not in release Not in release Not in release Not in release Not in release
webgui Not in release Not in release Not in release Not in release Needs evaluation
yui Not in release Not in release Not in release Not in release Not affected
Show all 7 packages Show less packages

CVE-2010-4208

Medium priority
Needs evaluation

Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors...

7 affected packages

jifty, loggerhead, moodle, otrs2, serendipity...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
jifty Not in release Not in release Not in release Not in release Not in release
loggerhead Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
moodle Not in release Not in release Not in release Not affected Not affected
otrs2 Not in release Not affected Not affected Not affected Not affected
serendipity Not in release Not in release Not in release Not in release Not in release
webgui Not in release Not in release Not in release Not in release Needs evaluation
yui Not in release Not in release Not in release Not in release Not affected
Show all 7 packages Show less packages

CVE-2010-4207

Medium priority
Needs evaluation

Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors...

7 affected packages

jifty, loggerhead, moodle, otrs2, serendipity...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
jifty Not in release Not in release Not in release Not in release Not in release
loggerhead Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
moodle Not in release Not in release Not in release Not affected Not affected
otrs2 Not in release Not affected Not affected Not affected Not affected
serendipity Not in release Not in release Not in release Not in release Not in release
webgui Not in release Not in release Not in release Not in release Needs evaluation
yui Not in release Not in release Not in release Not in release Not affected
Show all 7 packages Show less packages

CVE-2009-4877

Unknown priority
Ignored

Multiple cross-site request forgery (CSRF) vulnerabilities in WebGUI before 7.7.14 allow remote attackers to hijack the authentication of users for unspecified requests via unknown vectors.

1 affected package

webgui

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
webgui
Show less packages