CVE-2024-46054

OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible without authentication, allowing any user to upload files...

CVE-2024-46055

OpenVidReview 1.0 is vulnerable to Cross Site Scripting XSS in review names...

CVE-2024-46055

OpenVidReview 1.0 is vulnerable to Cross Site Scripting XSS in review names...

CVE-2024-46054

OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible without authentication, allowing any user to upload files...

CVE-2024-46055

OpenVidReview 1.0 is vulnerable to Cross Site Scripting XSS in review names...

CVE-2024-46054

OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible without authentication, allowing any user to upload files...

CVE-2024-46054

OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible without authentication, allowing any user to upload files...

PT-2024-31891 · Unknown · Openvidreview

Name of the Vulnerable Software and Affected Versions: OpenVidReview version 1.0 Description: The issue concerns incorrect access control. Specifically, the "/upload" API endpoint is accessible without authentication, allowing any user to upload files. Recommendations: For OpenVidReview version...

OpenVidReview 跨站脚本漏洞

OpenVidReview is a collaborative video review and annotation tool by the individual developer davidguva. A cross-site scripting vulnerability exists in OpenVidReview version 1.0, which stems from vulnerability to cross-site scripting attacks in the review name...

CVE-2024-46054

OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible without authentication, allowing any user to upload files...

CVE-2024-46055

OpenVidReview 1.0 is vulnerable to Cross Site Scripting XSS in review names...

OpenVidReview 安全漏洞

OpenVidReview is a collaborative video review and annotation tool by the individual developer davidguva. A security vulnerability exists in version 1.0 of OpenVidReview, which stems from the /upload route being accessible without authentication, making it vulnerable to false access control attack...

CVE-2024-46055

CVE-2024-46055 concerns the OpenVidReview 1.0 application, where the vulnerability is a Cross Site Scripting (XSS) issue in review names. The connected sources consistently describe XSS in OpenVidReview 1.0, but none provide concrete remediation details (e.g., patched versions) or specific exploi...

CVE-2024-46054

OpenVidReview 1.0 is affected by CVE-2024-46054 due to Incorrect Access Control: the /upload endpoint is accessible without authentication, allowing file uploads by any user. This risk is reflected across multiple sources (NVD/Red Hat/CNNVD, etc.). Root cause: unauthenticated access to the upload...

CVE-2024-46055

OpenVidReview 1.0 is vulnerable to Cross Site Scripting XSS in review names...

PT-2024-31892 · Unknown · Openvidreview

Name of the Vulnerable Software and Affected Versions: OpenVidReview version 1.0 Description: The issue is related to Cross Site Scripting XSS in review names. This means an attacker could potentially inject malicious scripts into review names, which could then be executed by the browser of anoth...