An XSS issue was discovered in handler_server_info.c in Cherokee through 1.2.104. The requested URL is improperly displayed on the About page in the default configuration of the web server and its administrator panel. The XSS in the administrator panel can be used to reconfigure the server and execute arbitrary commands.
Source link
RELATED STORIES
Zoom is working on a patch for a zero-day in Windows client | | IT...
This security advisory describes one medium risk vulnerability. 1) Permissions, Privileges, and Access Controls Severity:...
Executive Summary Informations Name CVE-2020-13132 First vendor Publication 2020-07-09 Vendor Cve Last vendor Modification 2020-07-09...
Executive Summary Informations Name CVE-2020-4173 First vendor Publication 2020-07-09 Vendor Cve Last vendor Modification 2020-07-09...
Executive Summary Informations Name CVE-2020-4305 First vendor Publication 2020-07-09 Vendor Cve Last vendor Modification 2020-07-09...
https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-2-1_release_notes. Source link
https://www.phpzag.com/live-add-edit-delete-datatables-records-with-ajax-php-mysql/ …. Source link
Description: Affected versions of Atlassian Jira Server and Data Center allow remote attackers to achieve...
CVE-2020-15092
Detail
Awaiting Analysis This vulnerability is currently awaiting analysis....
Current Description. A vulnerability in session management for the web-based interface of Cisco Small Business...