CTFd 安全漏洞

CTFd is an open-source Capture The Flag framework developed by CTFd. A security vulnerability exists in the version 3.8.1-18-gdb5a18c4 of CTFd. This vulnerability stems from a ZIP Slip issue in the administrator import function, which may allow attackers to write arbitrary files into directories...

HCL Domino Leap 安全漏洞

HCL Domino Leap is a cloud-based collaboration platform from HCL India that modernizes traditional Domino applications. HCL Domino Leap suffers from a security vulnerability that stems from improper endpoint access control, which could result in certain administrator users importing applications...

Intland Software codeBeamer ALM 跨站脚本漏洞

Intland Software codeBeamer ALM is an application lifecycle management platform from Intland Software, Germany. The platform supports application lifecycle management, requirements management, risk management and software development. A security vulnerability exists in Intland that can be exploit...

CVE-2017-18097

The Trello board importer resource in Atlassian Jira before version 7.6.1 allows remote attackers who can convince a Jira administrator to import their Trello board to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the title of a Trello card...