251 matches found
CVE-2024-20930
Oracle Outside In Technology in Oracle Fusion Middleware (Content Access SDK, Image Export SDK, PDF Export SDK, HTML Export SDK) is affected in version 8.5.6. The vulnerability is remotely exploitable over HTTP by a low-privileged attacker, enabling unauthorized update, insert/delete, and read ac...
PT-2024-1221 · Oracle · Oracle Outside In Technology
Name of the Vulnerable Software and Affected Versions: Oracle Outside In Technology versions 8.5.6 Description: The issue exists due to insufficient input validation in the Content Access SDK, Image Export SDK, PDF Export SDK, and HTML Export SDK components of Oracle Outside In Technology. This...
CVE-2023-42361
Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export...
CVE-2023-42361
Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export...
CVE-2023-42361
Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export...
Remote file inclusion
Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export...
CVE-2023-42361
Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export...
CVE-2023-42361
CVE-2023-42361 affects the Midori-global Better PDF Exporter for Jira Server/Data Center (versions 10.3.0 and earlier). The root cause is an insufficient validation pathway in the PDF export flow that can be exploited via a crafted image during export, enabling a Local File Inclusion and potentia...
CVE-2023-42361
Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export...
The vulnerabilities of the Content Access SDK, Image Export SDK, PDF Export SDK, and HTML Export SDK components of Oracle Outside In Technology’s software development kit (SDK) allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerabilities of the Content Access SDK, Image Export SDK, PDF Export SDK, and HTML Export SDK components of Oracle Outside In Technology’s software development kit SDK exist due to insufficient testing of input data. Exploiting these vulnerabilities can allow attackers to compromise the...
CVE-2023-22127
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Content Access SDK, Image Export SDK, PDF Export SDK, HTML Export SDK. The supported version that is affected is 8.5.6. Easily exploitable vulnerability allows low privileged attacker with network...
CVE-2023-22127
CVE-2023-22127 affects Oracle Outside In Technology (Content Access SDK, Image Export SDK, PDF Export SDK, and HTML Export SDK) in Oracle Fusion Middleware, specifically version 8.5.6. The vulnerability allows a low-privileged, network-accessible attacker over HTTP to read data, perform unauthori...
CVE-2020-18336
Cross Site Scripting XSS vulnerability found in Typora v.0.9.65 allows a remote attacker to obtain sensitive information via the PDF file exporting function...
CVE-2020-18336
CVE-2020-18336 is an XSS vulnerability in Typora v0.9.65, allowing a remote attacker to obtain sensitive information via the PDF export function. The NVD entry assigns CVSS v3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N (base score 7.4). Connected documents consistently describe Typora 0.9.65 as vulne...
CVE-2020-18336
Cross Site Scripting XSS vulnerability found in Typora v.0.9.65 allows a remote attacker to obtain sensitive information via the PDF file exporting function...
PT-2024-24333 · Xwiki · Xwiki Platform
Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 3.0.1 through 4.10.19 XWiki Platform versions 14.10.19 and earlier XWiki Platform versions 15.5.3 and earlier XWiki Platform versions prior to 15.10-rc-1 Description: XWiki Platform is a generic wiki platform. Remote...
HackerOne: Names not completely redacted despite "Redact the names of the involved users" is selected
An edge case was discovered in the Export PDF function where names ending with a . were not properly redacted despite selecting the "Redact the names of the involved users" option. The vulnerability allowed for the disclosure of sensitive information...
While performing the custom PDF export for Page/s, breaks page titles with umlaut letters.
h3. Issue Summary While performing the custom PDF export for Page/s, breaks page titles with umlaut letters. Issue is reproducible on Latest LTS 7.19.4 and Latest release 8.1.0 This is reproducible on Data Center: yes h3. Steps to Reproduce Setup the Confluence DC setup. sandbox as separate proce...
wallabag contains Improper Authorization via export feature
Description The export feature lets a user export a single entry or a set of entries in a given format e.g. PDF, MOBI, TXT. For example, https://yourinstance.wallabag.org/export/45.pdf will export the entry with id 45 in PDF format. Since wallabag 2.0.0-alpha.1, this feature is vulnerable to an...
CVE-2022-38802
Zkteco BioTime 8.5.3 Build:20200816.447 is vulnerable to Incorrect Access Control via resign, private message, manual log, time interval, attshift, and holiday. An authenticated administrator can read local files by exploiting XSS into a pdf generator when exporting data as a PDF...