Microsoft : Security Vulnerabilities Published In 2022 (XSS)

Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability.
Max Base Score
Published 2022-01-11
Updated 2022-01-20
EPSS 0.05%
The Microsoft Advertising Universal Event Tracking (UET) WordPress plugin before 1.0.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. Due to the nature of this plugin, well crafted XSS can also leak into the frontpage.
Max Base Score
Published 2022-08-01
Updated 2022-08-05
EPSS 0.06%
2 vulnerabilities found
This web site uses cookies for managing your session and website analytics (Google analytics) purposes as described in our privacy policy.
By using this web site you are agreeing to terms of use!