Lucene search
K

11 matches found

NVD
NVD
added 5 hours ago6 views

CVE-2026-54893

URL path injection in the Microsoft Graph adapter of Swoosh. Swoosh.Adapters.MsGraph builds its Microsoft Graph API request URL by interpolating the sender's email address into the URL path /users/from/sendMail without percent-encoding or validation. In applications that derive the from address...

2.1CVSS
Exploits0References4
Cvelist
Cvelist
added 6 hours ago7 views

CVE-2026-54893 Email-derived URL path injection in the Swoosh Microsoft Graph adapter

URL path injection in the Microsoft Graph adapter of Swoosh. Swoosh.Adapters.MsGraph builds its Microsoft Graph API request URL by interpolating the sender's email address into the URL path /users/from/sendMail without percent-encoding or validation. In applications that derive the from address...

2.1CVSS
Exploits0References4
CVE
CVE
added 6 hours ago9 views

CVE-2026-54893

Swoosh.Adapters.MsGraph is vulnerable to URL path injection via the from-address interpolation into /users/{from}/sendMail without percent-encoding or validation. If from derives from untrusted input, an attacker can inject URL-special characters (/, ?, #) to escape the intended path and rewrite ...

2.1CVSS6AI score
Exploits0References4
EUVD
EUVD
added 6 hours ago5 views

EUVD-2026-41876

URL path injection in the Microsoft Graph adapter of Swoosh. Swoosh.Adapters.MsGraph builds its Microsoft Graph API request URL by interpolating the sender's email address into the URL path /users/from/sendMail without percent-encoding or validation. In applications that derive the from address...

2.1CVSS6AI score
Exploits0References4
seebug.org
seebug.org
added 2008/06/11 12:0 a.m.53 views

Akamai Red Swoosh跨站请求伪造漏洞

CVECAN ID: CVE-2008-1106 Red Swoosh是分布式的联网软件,用于增强文件传送和音频流功能。 Red Swoosh客户端在9421/TCP端口的环回接口上实现一个Web服务器监听管理命令。在这个接口上的授权是基于HTTP referer头的,referer头中包含有一些域的请求或没有referer的请求都可以获得授权。如果恶意站点伪造了HTTP referer的话,就会导致下载并执行任意URL的文件。 Akamai Red Swoosh 3322 Akamai ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

7.1CVSS6.4AI score0.00773EPSS
Exploits1
NVD
NVD
added 2008/06/09 11:32 p.m.27 views

CVE-2008-1106

The management interface in Akamai Client formerly Red Swoosh 3322 and earlier allows remote attackers to bypass authentication via an HTTP request that contains 1 no Referer header, or 2 a spoofed Referer header that matches an approved domain, which allows remote attackers to conduct cross-site...

7.1CVSS7.6AI score0.00773EPSS
Exploits1References8
CVE
CVE
added 2008/06/09 11:0 p.m.73 views

CVE-2008-1106

The CVE-2008-1106 issue affects Akamai Client Software (formerly Red Swoosh) up to version 3322. The management web server on loopback (9421/TCP) authenticates based on the HTTP Referer header, allowingCSRF via requests with no Referer or spoofed Referer to approved domains, enabling remote execu...

7.1CVSS7.6AI score0.00773EPSS
Exploits1References8Affected Software2
securityvulns
securityvulns
added 2008/06/09 12:0 a.m.132 views

Akamai Technologies Security Advisory 2008-0003 (Akamai Client Software)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------- Akamai Technologies Security Advisory 2008-0003 Akamai ID: 2008-0003 Date: 2008/06/06 Product Name: Akamai Client Software formerly Red Swoosh Affected Versions: Up to and including 3322 Fixed...

7.1CVSS0.2AI score0.00773EPSS
Exploits1
securityvulns
securityvulns
added 2008/06/09 12:0 a.m.63 views

Secunia Research: Akamai Red Swoosh Cross-Site Request Forgery

====================================================================== Secunia Research 06/06/2008 - Akamai Red Swoosh Cross-Site Request Forgery Vulnerabilities - ====================================================================== Table of Contents Affected...

7.1CVSS0.6AI score0.00773EPSS
Exploits1
securityvulns
securityvulns
added 2008/06/09 12:0 a.m.34 views

Akamai Red Swoosh crossite scripting

Crossite request forgery to embedded web server is possible...

7.1CVSS1.1AI score0.00773EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2008/06/09 12:0 a.m.20 views

Akamai Red Swoosh < 3333 referer Header Cross-Site Request Forgery

The remote host is running Akamai Red Swoosh client, which handles software distribution via the Swoosh network. The version of Red Swoosh installed on the remote host includes a web server that listens on the loopback interface for management commands but it fails to properly sanitize the HTTP...

7.1CVSS5.7AI score0.00773EPSS
Exploits1References3
Rows per page
Query Builder