SvelteKit 跨站脚本漏洞

SvelteKit is an open source web development framework from Svelte. A cross-site scripting vulnerability exists in SvelteKit versions prior to 2.8.3, which stems from the presence of unpurified input data and user-controllable data flow in a particular file, making it susceptible to cross-site...

Mobileiron Sentry Security Vulnerability

Mobileiron Sentry is a Smart Gateway product from Mobileiron, Inc. A security vulnerability exists in Mobileiron Sentry Sentry-javascript prior to version 7.77.0, which arises from unpurified input that allows HTTP requests to be sent to arbitrary URLs and responses to be reflected back to the us...

NetModule Router Software Operating System Command Injection Vulnerability

NetModule Router Software is a router from NetModule. A security vulnerability exists in NetModule Router Software NRSW versions 4.6.x prior to 4.6.0.106 and 4.8.x prior to 4.8.0.101, which originates from the construction of operating system commands using unpurified user input, and which can be...

Gladys Assistant Path Traversal Vulnerability

Gladys Assistant is a source home assistant software from Gladys Assistant open source. A path traversal vulnerability exists in Gladys Assistant v4.26.1 and earlier versions, which originates from a vulnerability that allows an authenticated attacker to extract sensitive files from the host by...