PT-2026-23753

Name of the Vulnerable Software and Affected Versions Parse Server versions prior to 8.6.6 Parse Server versions prior to 9.5.0-alpha.4 Description Parse Server is an open-source backend deployable on Node.js infrastructures. A read-only master key can be used to call the POST /loginAs API...

CVE-2021-39896

In all versions of GitLab CE/EE since version 8.0, when an admin uses the impersonate feature twice and stops impersonating, the admin may be logged in as the second user they impersonated, which may lead to repudiation issues...

SUSE CVE-2017-5593

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for Psi+ 0.16.563.580 -...

PT-2021-22742 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 8.0 and later Description: The issue arises when an admin uses the impersonate feature twice and then stops impersonating. This may cause the admin to be logged in as the second user they impersonated, potentially leadin...