7 matches found
PAC4J has a Cross-Site Request Forgery (CSRF) Vulnerability
PAC4J is vulnerable to Cross-Site Request Forgery CSRF. A malicious attacker can craft a specially designed website which, when visited by a user, will automatically submit a forged cross-site request with a token whose hash collides with the victim's legitimate CSRF token. Importantly, the...
CVE-2026-40458 Cross-Site Request Forgery in PAC4J
PAC4J is vulnerable to Cross-Site Request Forgery CSRF. A malicious attacker can craft a specially designed website which, when visited by a user, will automatically submit a forged cross-site request with a token whose hash collides with the victim's legitimate CSRF token. Importantly, the...
CVE-2026-40458
PAC4J is vulnerable to Cross-Site Request Forgery CSRF. A malicious attacker can craft a specially designed website which, when visited by a user, will automatically submit a forged cross-site request with a token whose hash collides with the victim's legitimate CSRF token. Importantly, the...
pac4j 安全漏洞
pac4j is a simple yet powerful Java security engine developed by pac4j OpenSource. It is used to authenticate users, retrieve their configuration files, and manage authorizations, thereby protecting web applications and web services. There were security vulnerabilities in versions of pac4j before...
Linux Distros Unpatched Vulnerability : CVE-2016-0658
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to Optimizer. CVE-2016-0658 Note that...
CVE-2023-6600
The OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy. plugin for WordPress is vulnerable to unauthorized modification of data and Stored Cross-Site Scripting due to a missing capability check on the updatesettings function hooked via admininit in all versions up to, and including, 5.7.9. Th...
Oracle MySQL Server: Optimizer Subcomponent Denial of Service Vulnerability (CNVD-2016-02496)
Oracle MySQL is an open source relational database management system from Oracle. A security vulnerability exists in the Server: Optimizer subcomponent of Oracle MySQL 5.7.10 and earlier versions, which can be exploited by a local attacker to cause a denial of service and impact data availability...