>> CATEGORY: Security

WebsiteBaker v2.13.3 – Cross-Site Scripting (XSS)

Pentaho BA Server EE 9.3.0.0-428 – Remote Code Execution (RCE) (Unauthenticated)

ESET Service 16.0.26.0 – ‘Service ekrn’ Unquoted Service Path

Online Appointment System V1.0 – Cross-Site Scripting (XSS)

Online-Pizza-Ordering -1.0 – Remote Code Execution (RCE)

RSA NetWitness Platform 12.2 – Incorrect Access Control / Code Execution

Palo Alto Cortex XSOAR 6.5.0 – Stored Cross-Site Scripting (XSS)

Joomla! v4.2.8 – Unauthenticated information disclosure

Symantec Messaging Gateway 10.7.4 – Stored Cross-Site Scripting (XSS)

ActFax 10.10 – Unquoted Path Services