3 matches found
AZL-64166 CVE-2025-50200 affecting package rabbitmq-server for versions less than 3.13.7-3
RabbitMQ is a messaging and streaming broker. In versions 3.13.7 and prior, RabbitMQ is logging authorization headers in plaintext encoded in base64. When querying RabbitMQ api with HTTP/s with basic authentication it creates logs with all headers in request, including authorization headers which...
WordPress EmbedPress plugin <= 4.0.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin EmbedPress versions = 4.0.8...
Apache Karaf LDAP Injection Vulnerability
Apache Karaf is open source OSGi based runtime environment. Apache Karaf version before 4.0.8 through the LDAPLoginModule to authenticate the user directory access through LDAP , there is a security vulnerability in the implementation , successful exploitation can lead to LDAP injection attacks ,...