5 matches found
Chainlit Security Vulnerability
Chainlit is an open-source framework from Chainlit for building large-model chat interfaces. Chainlit versions prior to 2.8.5 contain an authorization bypass through a user-controlled key, which could lead to an attacker logging in to view threads or gain...
PT-2023-7910 · WordPress · Welcart E-Commerce
Name of the Vulnerable Software and Affected Versions: Welcart e-Commerce WordPress plugin versions prior to 2.8.5 Description: The issue is related to the use of files and directories accessible to external parties. It does not validate user input before using it to output the content of a file,...
Mechanize Information Disclosure Vulnerability
Mechanize is an open-source Ruby library from Sparkle Motion, used to automate interactions with websites. Versions of Mechanize prior to 2.8.5 contain a security vulnerability that stems from an authorization header that leaks after redirecting to a different port on the same site...
PT-2020-20130 · Elementor · Elementor
Name of the Vulnerable Software and Affected Versions: Elementor plugin versions prior to 2.8.5 Description: The issue is related to a reflected XSS vulnerability on the elementor-system-info page. This can be exploited by targeting an authenticated user. Recommendations: For versions prior to...
CVE-2016-3704
Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate passwords...