CiviCRM 跨站请求伪造漏洞

CiviCRM is an open source, cloud-based member relationship management CRM system developed specifically to meet the needs of nonprofit and association-based organizations. A cross-site request forgery vulnerability exists in CiviCRM versions prior to 5.28.1 and CiviCRM ESR versions prior to 5.27....

PT-2020-6426 · Ckeditor +1 · Ckeditor +1

Name of the Vulnerable Software and Affected Versions: CiviCRM versions prior to 5.28.1 CiviCRM ESR versions prior to 5.27.5 ESR Description: The issue is related to the CKEditor configuration form in CiviCRM, which allows Cross-Site Request Forgery CSRF. This could potentially allow a remote...

perl: Integer overflow leading to buffer overflow in Perl_my_setenv()

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations...

ALPINE-CVE-2018-18311

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations...