scitokens 路径遍历漏洞

Scitokens is an open-source science computing token library developed by SciTokens. Versions of SciTokens prior to 1.9.7 contained a path traversal vulnerability. This vulnerability allowed attackers to use dots .. in token scope declarations, thereby circumventing the intended directory...

WordPress 插件 跨站请求伪造漏洞

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. A cross-site request forgery vulnerability exists in the WordPress Compact WP Audio Player plugin in versions prior to 1.9.7, which stems from the fact that the web application does not adequatel...