6 matches found
ROS-20251014-05
A vulnerability in the interface of the Grafana monitoring and surveillance platform is related to the failure to take measures to protect the web page structure when processing the /swagger endpoint. Exploitation of the vulnerability coul...
The vulnerability of the Grafana monitoring and surveillance platform’s interface allows attackers to perform cross-site scripting attacks (XSS).
The vulnerability of the Grafana monitoring and observation platform’s interface is related to the lack of measures taken to protect the website structure during the processing of the /swagger endpoint. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...
CVE-2022-23554
Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows Authentication Filter bypass. The AuthenticationFilter relies on the request URI to evaluate if the user is accessing the swagger endpoint. By accessing a URL with a path such as /api/foo;%2fapi%2fswagger the contains...
Race condition
Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows Authentication Filter bypass. The AuthenticationFilter relies on the request URI to evaluate if the user is accessing the swagger endpoint. By accessing a URL with a path such as /api/foo;%2fapi%2fswagger the contains...
PT-2022-16069 · Alpine · Alpine
Name of the Vulnerable Software and Affected Versions: Alpine versions prior to 1.10.4
Description: The issue concerns Alpine, a Java scaffolding library. It allows an Authentication Filter bypass, where the AuthenticationFilter relies on the request URI to determine if the user is accessing the...
Authentication Bypass
Alpine is vulnerable to authentication bypass. The vulnerability exists in the filter function of AuthenticationFilter.java, where accessing a URL with a certain path passes the filter without the request being aborted, which allows an attacker to bypass administrative restrictions via the swagger endpoint...