unhead 跨站脚本漏洞

unhead is a document header and template manager developed by UnJS. Versions of unhead prior to 2.1.11 contained a cross-site scripting vulnerability. This vulnerability stemmed from the link.href check being case-sensitive, which could allow attackers to inject arbitrary CSS for UI masking or da...

PT-2026-21640

Name of the Vulnerable Software and Affected Versions Airflow versions prior to 2.11.1 Description The software contains a flaw that permits authenticated users possessing audit log access to view sensitive values within audit logs that they are not authorized to see. Specifically, when sensitive...