2 matches found
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the serialization algorithm in the PrefetchPageLinks function. An attacker can cause a denial of service by supplying specially crafted user input that is reflected and processed...
Cross-site Request Forgery (CSRF)
Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF due to the improper origin checks of UI route submissions in server-side route action handlers in Framework Mode. An attacker can execute unauthorized actions by tricking a user into submitting a crafted...