5 matches found
Cross-Site Request Forgery (CSRF) in wallabag/wallabag
Cross-Site Request Forgery CSRF in GitHub repository wallabag/wallabag prior to 2.5.4...
CVE-2023-0736
Cross-site Scripting XSS - Stored in GitHub repository wallabag/wallabag prior to 2.5.4...
CVE-2022-4644
Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.4...
PT-2019-7279 · WordPress · Option-Tree
Name of the Vulnerable Software and Affected Versions: option-tree plugin versions prior to 2.5.4 Description: The issue is related to a Cross-Site Scripting XSS problem in the add query arg function. Recommendations: For versions prior to 2.5.4, update to version 2.5.4 or later to resolve the...
CVE-2014-9657
The ttfaceloadhdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a crafted TrueType font...