📦 Bluespice

This CVE describes an improper input validation vulnerability in BlueSpice's CognitiveProcessDesigner extension that allows cross-site scripting (XSS) attacks. Attackers can inject malicious scripts t...

This CVE describes a cross-site scripting (XSS) vulnerability in BlueSpice's WhoIsOnline extension due to improper output encoding. Attackers can inject malicious scripts that execute in users' browse...

This vulnerability allows attackers to inject malicious scripts into BlueSpice wiki pages through the AtMentions extension. When exploited, it enables cross-site scripting (XSS) attacks that can steal...

This CVE describes an improper output encoding vulnerability in BlueSpice's Avatars extension that allows cross-site scripting (XSS) attacks. Attackers can inject malicious scripts that execute in vic...