Incorrect access control in the component /index.php?mod=system&op=orgtree of dzzoffice 2.02.1_SC_UTF8 allows unauthenticated attackers to browse departments and usernames. Zafiyet ile ilgili Genel Bilgi, Etki ve…

A reflected cross-site scripting (XSS) vulnerability in the zero parameter of dzzoffice 2.02.1_SC_UTF8 allows attackers to execute arbitrary web scripts or HTML. Zafiyet ile ilgili…

The Contour Service was not checking that users had permission to create an analysis for a given dataset. This could allow an attacker to clutter…