5 matches found
PT-2026-1890
Name of the Vulnerable Software and Affected Versions Aruba HiSpeed Cache versions prior to 3.0.3 Description A missing authorization issue exists in Aruba HiSpeed Cache. The issue allows access to functionality that is not properly constrained by Access Control Lists ACLs. Recommendations Update...
PT-2023-27403 · Jenkins · Jenkins Delphix Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Delphix Plugin versions 3.0.2 and earlier Description: The issue allows attackers with Overall/Read permission to access and capture credentials they are not entitled to, due to the plugin not setting the appropriate context for...
PT-2022-24468 · WordPress · The Floating Chat Widget
Name of the Vulnerable Software and Affected Versions: The Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button WordPress plugin versions prior to 3.0.3 Description: The issue arises from the plugin's failure to properly sanitise and escape a parameter...
PT-2021-17103 · Unknown · Merge-Deep
Name of the Vulnerable Software and Affected Versions: merge-deep library versions prior to 3.0.3 Description: The issue allows an attacker to trick the library into overwriting properties of Object.prototype or adding new properties to it. These properties are then inherited by every object in t...
PT-2020-17354 · Mersive · Solstice Pod
Name of the Vulnerable Software and Affected Versions: Solstice Pod versions prior to 3.0.3 Description: The firmware of the affected versions can be easily decompiled or disassembled, and the resulting files contain non-obfuscated code. It is unclear whether the lack of obfuscation directly caus...