2 matches found
CVE-2025-48208 Apache HertzBeat (incubating): Jmx JNDI injection vulnerability
Improper Neutralization of Special Elements used in an LDAP Query 'LDAP Injection' vulnerability in Apache HertzBeat . The attacker needs to have an authenticated account with access, and the attack can only be triggered by crafting custom commands. A successful attack would result in arbitrary...
Open Redirect
Overview Affected versions of this package are vulnerable to Open Redirect via the returnUrl parameter. Remediation Upgrade BTCPayServer.Client to version 1.7.3 or higher. References - GitHub Commit - GitHub PR Credit: Jefferson Gonzales...