Collabora Online 跨站脚本漏洞

Collabora Online is an application from Collabora UK. A powerful LibreOffice-based online office that supports all major document, spreadsheet and presentation file formats. A security vulnerability exists in Collabora Online versions prior to 22.05.13, 21.11.9.1, and 6.4.27, which stems from the...

jenkins: API tokens of other users available to admins (SECURITY-200)

Jenkins before 1.638 and LTS before 1.625.2 do not properly restrict access to API tokens which might allow remote administrators to gain privileges and run scripts by using an API token of another user...