12 matches found
Iris 安全漏洞
Iris is an open-source fast, simple, yet fully functional and highly efficient Go network framework developed by DFIR-IRIS. Versions of Iris prior to 2.4.28 contained security vulnerabilities, which stemmed from allowing users to manipulate API requests to modify values in the database...
Iris 安全漏洞
Iris is an open-source fast, simple, yet fully functional and highly efficient Go web framework developed by DFIR-IRIS. Versions of Iris prior to 2.4.28 contained security vulnerabilities, which were caused by improper file upload validation. These vulnerabilities could lead to the hosting of...
Iris 安全漏洞
Iris is an open-source fast, simple, yet fully functional and highly efficient Go web framework developed by DFIR-IRIS. Versions of Iris prior to 2.4.28 contained security vulnerabilities. These vulnerabilities stemmed from the ability to create alerts for unassigned customers, which could be...
Iris 安全漏洞
Iris is a fast, simple, yet fully functional and highly efficient Go network framework developed under the DFIR-IRIS open source project. Versions of Iris prior to 2.4.28 contained security vulnerabilities, which were caused by the return of unnecessary sensitive data...
Iris 授权问题漏洞
Iris is an open-source fast, simple, yet fully functional and highly efficient Go network framework developed by DFIR-IRIS. Versions of Iris prior to 2.4.28 had an authorization issue vulnerability. This vulnerability stemmed from the GraphQL endpoints not enforcing authorization checks, which...
Iris 安全漏洞
Iris is a fast, simple, yet full-featured and very efficient Go networking framework open-sourced by DFIR-IRIS. A security vulnerability exists in Iris versions prior to 2.4.24, which stems from a bulk allocation vulnerability in the datastore file management system and the deletion of...
Iris Security Breach
Iris is a fast, simple, yet full-featured and very efficient Go networking framework. A security vulnerability exists in Iris versions prior to v2.4.0. An attacker exploiting this vulnerability could inject malicious script into an application, which could lead to unauthorized access, data theft,...
Iris Security Breach
Iris is a fast, simple but fully featured and very efficient Go web framework. A security vulnerability exists in iris-web versions prior to v2.3.7, which stems from the presence of a stored cross-site scripting XSS vulnerability that could allow an attacker to inject malicious scripts into an...
Iris 跨站脚本漏洞
Iris is a fast, simple, yet full-featured and very efficient Go web framework. A security vulnerability exists in Iris versions prior to 2.2.1, which stems from the presence of a stored cross-site scripting XSS vulnerability that allows an attacker to inject malicious script into an application,...
Iris 后置链接漏洞
Iris is a fast, simple, yet full-featured and very efficient Go web framework. A security vulnerability exists in iris version 12, which stems from the program's insecure handling of filenames during uploads using the UploadFormFiles method could allow an attacker to write to an arbitrary locatio...
Arbitrary File Write
Overview github.com/kataras/iris/v12 is a fast, simple yet fully featured and very efficient web framework for Go. Affected versions of this package are vulnerable to Arbitrary File Write. The unsafe handling of file names during upload using UploadFormFiles method may enable attackers to write t...
Arbitrary File Write
Overview github.com/kataras/iris is a fast, simple yet fully featured and very efficient web framework for Go. Affected versions of this package are vulnerable to Arbitrary File Write. The unsafe handling of file names during upload using UploadFormFiles method may enable attackers to write to...