XSS attack in Drupal Views Builk Operations module 6.x-1.0 through 6.x-1.10
Overview : Drupal Views Builk Operations (VBO) module 6.x-1.0 through 6.x-1.10 does not properly escape the vocabulary help when the
MediaWiki Multiple XSS vulnerabilities
Overview : New vulnerabilities discovered in MediaWiki Affected Product(s) : MediaWiki before 1.19.4 and 1.20.x before 1.20.3 Vulnerability Details :
Cross-site Scripting Vulnerability in Zikula Application Framework
Overview : Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the ‘themename’ parameter
ArcSight Logger Security Vulnerability
Overview : ‘External Task is undefined’ & ‘Syntax error’ errors appear on browser console after a Logger report query object
XSS / SSRF hacks in SuiteCRM
Overview : SuiteCRM Lists Latest Updates of XSS / SSRF Vulnerabilities Affected Product(s) : SuiteCRM 7.11.x and 7.10.x before 7.11.8
XSS attacks in Joomla! 3.x before 3.9.12
Overview : In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks using the logo parameter of the default templates.
CVE-2021-21441
There is a XSS vulnerability in the ticket overview screens. It’s possible to collect various information by having an e-mail
GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.
Overview : GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images. References Note: References are provided for the convenience
cPanel before 84.0.20 allows a demo account to achieve remote code execution
Overview : cPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544).
Craft CMS 3.1.12 Pro Cross Site Scripting
Overview : In the 3.1.12 Pro version of the Craft CMS web application, the XSS vulnerability has been discovered in
Jenkins announces vulnerabilities
Overview : Stored XSS vulnerability in expandable textbox form control SECURITY-1498 / CVE-2019-10401 Jenkins form controls include an expandable textbox
What Is a WAF Signature?
Home What Is a WAF Signature? 1.3k Views 7 min. read Learning Center Related Content What Are the Types of
What Is a Shadow API?
Home What Is a Shadow API? 2.2k Views 7 min. read Learning Center Related Content What Is API Fuzz Testing?
What Is a WAF False Negative?
Home What Is a WAF False Negative? 3.2k Views 7 min. read Learning Center Related Content What Is a WAF
Does a CDN Cause Security Risks?
Home Does a CDN Cause Security Risks? 1.1k Views 7 min. read Learning Center Related Content What Happens If a
WAAP vs WAF vs RASP: Top Differences in 2025
As the cybersecurity landscape evolves rapidly in 2025, safeguarding web applications grows increasingly complex and vital. The rise in zero-day
What Is Broken Authentication?
Home What Is Broken Authentication? 8.6k Views 9 min. read Learning Center Related Content What Is API Injection? What Are
What Is a WAF Policy?
Home What Is a WAF Policy? 8.4k Views 9 min. read Learning Center Related Content What Is a WAF Rule?
What Is a WAF Rule?
Home What Is a WAF Rule? 22.8k Views 9 min. read Learning Center Related Content What Is a WAF? What
What Is a WAF Security Rule?
Home What Is a WAF Security Rule? 1.8k Views 7 min. read Learning Center Related Content Introduction As cyber threats
What Is JWT?
Home What Is JWT? 5.1k Views 6 min. read Learning Center Related Content What Is OAuth? What Is API Encryption?
What Is API Injection?
Home What Is API Injection? 4.2k Views 6 min. read Learning Center Related Content How Do APIs Get Hacked? What
How Does AI Detect API Threats?
Home How Does AI Detect API Threats? 7.4k Views 5 min. read Learning Center Related Content What Is Zero-Trust API
How Do APIs Get Hacked?
Home How Do APIs Get Hacked? 8.4k Views 7 min. read Learning Center Related Content What Are Common API Threats?