UJCMS 安全漏洞

UJCMS is a Java open source content management system from dromara open source. A security vulnerability exists in UJCMS version 9.6.3, which stems from improper URL authentication and a URL redirection vulnerability that allows an authenticated attacker to redirect an unprivileged user to an...

Connect2id Nimbus JOSE+JWT Security Vulnerability

Connect2id Nimbus JOSE+JWT is a Java-based open source JWT JSON Web Tokens implementation from Connect2id. A security vulnerability exists in Connect2id Nimbus JOSE+JWT versions prior to 9.37.2 that stems from an attacker being able to cause a denial of service via a header value...

OpenJDK: JVM class file verifier flaw allows unverified bytecode execution (8314295)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...

yacyXSS.txt

Donato Ferrante Application: yacy http://www.yacy.net Version: 0.31 Bug: cross site scripting Date: 24-Dec-2004 Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 1. Description 2. The bug 3...