4 matches found
PT-2025-2105 · Drupal · Ohdear Integration
Name of the Vulnerable Software and Affected Versions: OhDear Integration versions 0.0.0 through 2.0.3 Description: The issue is related to incorrect authorization in the OhDear Integration module for Drupal, allowing forceful browsing. This can enable a remote attacker to access confidential...
PT-2023-16269 · Modoboa · Modoboa
Name of the Vulnerable Software and Affected Versions: modoboa/modoboa versions prior to 2.0.4 Description: The issue is related to Cross-Site Request Forgery CSRF in the modoboa/modoboa GitHub repository. Recommendations: For versions prior to 2.0.4, update to version 2.0.4 or later to resolve t...
PT-2022-22045 · Jenkins · Jenkins Embeddable Build Status Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Embeddable Build Status Plugin version 2.0.3 Description: The issue allows specifying a link query parameter for build status badges without restricting possible values, resulting in a reflected cross-site scripting XSS vulnerability...
PT-2021-15889 · Betterlinks · Simple 301 Redirects
Name of the Vulnerable Software and Affected Versions: Simple 301 Redirects by BetterLinks WordPress plugin versions prior to 2.0.4 Description: The issue concerns the import data function, which lacks capability and nonce checks. This allows unauthenticated users to import site redirects...