CVE-2021-23345 Server-side Request Forgery (SSRF)
All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as...
Julien Neuhart gotenberg Code Issues Vulnerabilities
Julien Neuhart gotenberg is an open source application interface from Julien Neuhart, used to convert HTML, Markdown and Office documents to PDF. gotenberg has a security vulnerability: it is vulnerable to attacks through the /convert/html endpoint forged server-side...
PT-2019-15766 · Kairosdb · Kairosdb
Name of the Vulnerable Software and Affected Versions: KairosDB versions prior to 1.2.3. Description: The issue concerns an XSS vulnerability in the view.html file due to the showErrorMessage function in js/graph.js. This can be exploited by including a specific substring, such as...