Accentis Content Resource Management System suffer from a cross site scripting vulnerability.
Overview : Accentis Content Resource Management System versions released prior to the October 2015 patch suffer from a cross site
XSS attack in Drupal Views Builk Operations module 6.x-1.0 through 6.x-1.10
Overview : Drupal Views Builk Operations (VBO) module 6.x-1.0 through 6.x-1.10 does not properly escape the vocabulary help when the
MediaWiki Multiple XSS vulnerabilities
Overview : New vulnerabilities discovered in MediaWiki Affected Product(s) : MediaWiki before 1.19.4 and 1.20.x before 1.20.3 Vulnerability Details :
Cross-site Scripting Vulnerability in Zikula Application Framework
Overview : Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the ‘themename’ parameter
ArcSight Logger Security Vulnerability
Overview : ‘External Task is undefined’ & ‘Syntax error’ errors appear on browser console after a Logger report query object
XSS / SSRF hacks in SuiteCRM
Overview : SuiteCRM Lists Latest Updates of XSS / SSRF Vulnerabilities Affected Product(s) : SuiteCRM 7.11.x and 7.10.x before 7.11.8
XSS attacks in Joomla! 3.x before 3.9.12
Overview : In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks using the logo parameter of the default templates.
CVE-2021-21441
There is a XSS vulnerability in the ticket overview screens. It’s possible to collect various information by having an e-mail
GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.
Overview : GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images. References Note: References are provided for the convenience
cPanel before 84.0.20 allows a demo account to achieve remote code execution
Overview : cPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544).
Craft CMS 3.1.12 Pro Cross Site Scripting
Overview : In the 3.1.12 Pro version of the Craft CMS web application, the XSS vulnerability has been discovered in
Jenkins announces vulnerabilities
Overview : Stored XSS vulnerability in expandable textbox form control SECURITY-1498 / CVE-2019-10401 Jenkins form controls include an expandable textbox
How Does WAF Integrate with SIEM?
Home How Does WAF Integrate with SIEM? 1.1k Views 8 min. read Learning Center Related Content What Is WAF Event
What Is Bot Mitigation in WAF?
Home What Is Bot Mitigation in WAF? 4.2k Views 7 min. read Learning Center Related Content How Does WAF Block
What Is WAF Logging?
Home What Is WAF Logging? 5.3k Views 7 min. read Learning Center Related Content What Is a WAF Signature? What
Does a CDN Protect Against All Cyberattacks?
Home Does a CDN Protect Against All Cyberattacks? 3.1k Views 6 min. read Learning Center Related Content How Do Attackers
What Is an Advanced WAF Security Policy?
Home What Is an Advanced WAF Security Policy? 6.2k Views 9 min. read Learning Center Related Content What Is WAF
What Is a WAF Signature?
Home What Is a WAF Signature? 13.9k Views 9 min. read Learning Center Related Content What Are the Types of
What Is a Shadow API?
Home What Is a Shadow API? 12.9k Views 7 min. read Learning Center Related Content What Is API Fuzz Testing?
What Is a WAF False Negative?
Home What Is a WAF False Negative? 3.2k Views 7 min. read Learning Center Related Content What Is a WAF
Does a CDN Cause Security Risks?
Home Does a CDN Cause Security Risks? 1.1k Views 7 min. read Learning Center Related Content What Happens If a
WAAP vs WAF vs RASP: Top Differences in 2025
As the cybersecurity landscape evolves rapidly in 2025, safeguarding web applications grows increasingly complex and vital. The rise in zero-day
What Is Broken Authentication?
Home What Is Broken Authentication? 8.6k Views 9 min. read Learning Center Related Content What Is API Injection? What Are
What Is a WAF Policy?
Home What Is a WAF Policy? 8.4k Views 9 min. read Learning Center Related Content What Is a WAF Rule?