4 matches found
PT-2025-32581 · WordPress · Mattermost Confluence Plugin
Name of the Vulnerable Software and Affected Versions: Mattermost Confluence Plugin versions prior to 1.5.0 Description: The Mattermost Confluence Plugin does not properly handle unexpected request bodies. Attackers can exploit this to crash the plugin by repeatedly sending invalid request bodies...
PT-2023-16850 · Unknown · Easyappointments
Name of the Vulnerable Software and Affected Versions: easyappointments versions prior to 1.5.0 Description: The issue concerns the use of hard-coded credentials in the GitHub repository alextselegidis/easyappointments. Recommendations: For versions prior to 1.5.0, update to version 1.5.0 or late...
PT-2022-18836 · Jenkins · Jenkins Rocketchat Notifier Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins RocketChat Notifier Plugin versions 1.4.10 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to connect to an attacker-specified URL using attacker-specified credentials. This issue arises becau...
PT-2021-18239 · Hedgedoc · Hedgedoc
Name of the Vulnerable Software and Affected Versions: HedgeDoc versions prior to 1.5.0 Description: The issue affects HedgeDoc, an open-source collaborative markdown editor, where an attacker can receive arbitrary files from the file system when exporting a note to PDF. This exploit requires the...