7 Sizzling Cyber Risk Tendencies to Anticipate at Black Hat



Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database

CVE-2020-19949
PUBLISHED: 2021-09-23

A cross-site scripting (XSS) vulnerability in the /hyperlink/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML.

CVE-2020-19950
PUBLISHED: 2021-09-23

A cross-site scripting (XSS) vulnerability in the /banner/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML.

CVE-2020-19951
PUBLISHED: 2021-09-23

A cross-site request forgery (CSRF) in /controller/pay.class.php of YzmCMS v5.5 allows attackers to access sensitive components of the application.

CVE-2021-41088
PUBLISHED: 2021-09-23

Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0, Elvish’s web UI backend (started by `elvish -web`) hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a r…

CVE-2021-29813
PUBLISHED: 2021-09-23

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality, potentially leading to credentials disclosure within a t…


