3 matches found
Miniflux Input Validation Error Vulnerability
Miniflux is a minimalist synopsis reader open-sourced by Miniflux. An input validation error vulnerability exists in Miniflux 2 2.2.14 and earlier versions, which stems from insufficient redirecturl validation and could lead to a post-login phishing attack...
Important: pcs
Issue Overview: Rack is a modular Ruby web server interface. Prior to versions 2.2.14, 3.0.16, and 3.1.14, Rack::QueryParser parses query strings and application/x-www-form-urlencoded bodies into Ruby data structures without imposing any limit on the number of parameters, allowing attackers to se...
Rack Security Vulnerability
Rack is a modular Ruby web server interface open-sourced by Rack. A security vulnerability exists in Rack versions prior to 2.2.14, 3.0.16, and 3.1.14, which stems from Rack::QueryParser parsing a query string without limiting the number of parameters, which could lead to a denial-of-service atta...