A vulnerability, which was classified as problematic, was found in Auth0 auth0-lock up to 11.30.0. Affected is an unknown functionality of the component Sign In. Upgrading to version 11.30.1 eliminates this vulnerability. The upgrade is hosted for download at github.com. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.
Auth0 auth0-lock up to 11.30.0 Sign In cross site scripting
- Virtual Patching
- June 11, 2021
- 5:05 am
CVE-2022-1558 : Multiple Stored Cross-Site Scripting vulnerabilities in WordPress curtain plugin 1.0.2
Description Several Cross-Site Scripting vulnerabilities in the Curtain WordPress plugin. Due to these Cross-Site Scripting vulnerabilities, an attacker would be
CVE-2022-AVAST2 : Self-Defense Bypass via Repairing Function
Description It was noted that there is security checking to prevent some of the Avast processes from loading of undesired/unsigned
CVE-2022-21500 : Oracle Security Alert Advisory
Description This Security Alert addresses vulnerability CVE-2022-21500, which affects some deployments of Oracle E-Business Suite. This vulnerability is remotely exploitable