Open Source CVEs

(CVE-2023-2730): Cross-site Scripting (XSS) - Stored in pimcore/pimcore. huntr.dev/bounties/6c6f5… Disclosed by huntr.dev/users/duyhm1995, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2675): Improper Restriction of Excessive Authentication Attempts in linagora/twake. huntr.dev/bounties/474d3… Disclosed by huntr.dev/users/jeffreyg…, fixed by @Linagora... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2674): Improper Access Control in openemr/openemr. huntr.dev/bounties/af73e… Disclosed by @__nhienit__, fixed by openemr maintainers... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2666): Allocation of Resources Without Limits or Throttling in froxlor/froxlor. huntr.dev/bounties/0bbdc… Disclosed by huntr.dev/users/earth2sky, fixed by froxlor maintainers... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2665): Storage of Sensitive Data in a Mechanism without Access Control in francoisjacquet/rosariosis. huntr.dev/bounties/42f38… Disclosed by huntr.dev/users/b1tch3s, fixed by francoisjacquet maintainers... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2630): Cross-site Scripting (XSS) - Stored in pimcore/pimcore. huntr.dev/bounties/e1001… Disclosed by @70rpedo, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2629): Improper Neutralization of Formula Elements in a CSV File in pimcore/customer-data-framework. huntr.dev/bounties/821ff… Disclosed by @sampritdas8, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2616): Cross-site Scripting (XSS) - Generic in pimcore/pimcore. huntr.dev/bounties/564cb… Disclosed by @sampritdas8, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2615): Cross-site Scripting (XSS) - Reflected in pimcore/pimcore. huntr.dev/bounties/af9c3… Disclosed by @sampritdas8, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2614): Cross-site Scripting (XSS) - DOM in pimcore/pimcore. huntr.dev/bounties/1a5e6… Disclosed by @sampritdas8, fixed by pimcore maintainers... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2610): Integer Overflow or Wraparound in vim/vim. huntr.dev/bounties/31e67… Disclosed by huntr.dev/users/thkim0, fixed by vim maintainers... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2609): NULL Pointer Dereference in vim/vim. huntr.dev/bounties/1679b… Disclosed by huntr.dev/users/thkim0, fixed by vim maintainers... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2591): Code Injection in nilsteampassnet/teampass. huntr.dev/bounties/705f7… Disclosed by @MnQAZI, fixed by @TheTeamPass... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2590): Missing Authorization in answerdev/answer. huntr.dev/bounties/a4238… Disclosed by huntr.dev/users/baobaovt, fixed by @answerdev... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2583): Code Injection in jsreport/jsreport. huntr.dev/bounties/397ea… Disclosed by huntr.dev/users/m1dsummer, fixed by jsreport maintainers... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2566): Cross-site Scripting (XSS) - Stored in openemr/openemr. huntr.dev/bounties/47d6f… Disclosed by huntr.dev/users/christyn…, fixed by openemr maintainers... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2564): OS Command Injection in sbs20/scanservjs. huntr.dev/bounties/d1311… Disclosed by huntr.dev/users/cruatta, fixed by sbs20 maintainers... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2554): External Control of File Name or Path in unilogies/bumsys. huntr.dev/bounties/39678… Disclosed by huntr.dev/users/jomc98, fixed by unilogies maintainers... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2553): Cross-site Scripting (XSS) - Stored in unilogies/bumsys. huntr.dev/bounties/4e1f5… Disclosed by huntr.dev/users/tht1997, fixed by unilogies maintainers... #opensource #CVE #bugbounty #security #vulnerability

(CVE-2023-2552): Cross-Site Request Forgery (CSRF) in unilogies/bumsys. huntr.dev/bounties/ab0b4… Disclosed by huntr.dev/users/tsarsecu…, fixed by unilogies maintainers... #opensource #CVE #bugbounty #security #vulnerability