3 matches found
Mayan EDMS has an Open Redirect through the /authentication/ file
A flaw has been found in Mayan EDMS up to 4.10.1. The impacted element is an unknown function of the file /authentication/. This manipulation causes open redirect. It is possible to initiate the attack remotely. The exploit has been published and may be used. Upgrading to version 4.10.2 is...
PT-2025-51177
Name of the Vulnerable Software and Affected Versions Mayan EDMS versions up to 4.10.1 Description A cross-site scripting issue exists in Mayan EDMS. The issue is located in an unknown function within the /authentication/ component and can be exploited remotely. The exploit is publicly available...
PT-2022-27174 · Unknown · Resque Scheduler
Name of the Vulnerable Software and Affected Versions: Resque Scheduler version 1.27.4 Description: A remote attacker could inject javascript code to the schedule job or args parameters in "/resque/delayed/jobs/schedule job?args=args id" to execute javascript at the client side, resulting in a...