CVE-2020-13418 (openiam)
OpenIAM before 4.2.0.3 allows XSS in the Add New User feature. Devamını Oku
OpenIAM before 4.2.0.3 allows XSS in the Add New User feature. Devamını Oku
OpenIAM before 4.2.0.3 allows Directory Traversal in the Batch task. Devamını Oku
ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or…
Union Pay up to 3.4.93.4.9, for android, contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability, allows attackers to shop for free in merchants' websites…
Union Pay up to 3.3.12, for iOS mobile apps, contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability, allows attackers to shop for free in…
Union Pay up to 1.2.0, for web based versions contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability, allows attackers to shop for free in…
Redmine before 3.4.13 and 4.x before 4.0.6 mishandles markup data during Textile formatting. Devamını Oku
Redmine before 4.0.7 and 4.1.x before 4.1.1 has XSS via the back_url field. Devamını Oku
Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links. Devamını Oku
Redmine before 4.0.7 and 4.1.x before 4.1.1 allows attackers to discover the subject of a non-visible issue by performing a CSV export and reading time…