2 matches found
PT-2020-19874 · Hashicorp +1 · Hashicorp Consul +2
Name of the Vulnerable Software and Affected Versions: HashiCorp Consul and Consul Enterprise versions 1.4.1 through 1.6.2 Description: The issue results from the non-uniform enforcement of Access Control Lists ACLs across all API endpoints, potentially leading to unintended information disclosur...
PT-2017-7490 · Npm +1 · Index Server +1
Name of the Vulnerable Software and Affected Versions: serve-index versions 1.6.2 and earlier Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via a crafted file or directory name. This is due to file and directory names not being escape...