EUVD-2023-59662

Malicious code in bioql PyPI...

CVE-2023-7273

Cross site request forgery in Kiteworks OwnCloud allows an unauthenticated attacker to forge requests. If a request has no Authorization header, it is created with an empty string as value by a rewrite rule. The CSRF check is done by comparing the header value to null, meaning that the existing...

CVE-2023-7273 Cross Site Request Forgery in Kiteworks OwnCloud

Cross site request forgery in Kiteworks OwnCloud allows an unauthenticated attacker to forge requests. If a request has no Authorization header, it is created with an empty string as value by a rewrite rule. The CSRF check is done by comparing the header value to null, meaning that the existing...

CVE-2023-7273

The CVE-2023-7273 entry concerns Kiteworks OwnCloud and is supported by multiple sources indicating a Cross-Site Request Forgery (CSRF) vulnerability. Affected component/condition: CSRF in Kiteworks OwnCloud where, if a request has no Authorization header, the rewrite rule assigns an empty string...

CVE-2023-7273 Cross Site Request Forgery in Kiteworks OwnCloud

Cross site request forgery in Kiteworks OwnCloud allows an unauthenticated attacker to forge requests. If a request has no Authorization header, it is created with an empty string as value by a rewrite rule. The CSRF check is done by comparing the header value to null, meaning that the existing...

PT-2024-15265 · Kiteworks · Kiteworks Owncloud

Name of the Vulnerable Software and Affected Versions: Kiteworks OwnCloud affected versions not specified Description: Cross site request forgery in Kiteworks OwnCloud allows an unauthenticated attacker to forge requests. If a request has no Authorization header, it is created with an empty strin...