2 matches found
Beego 跨站脚本漏洞
Beego is an open source web framework based on the Go language from Beego Open Source. A cross-site scripting vulnerability exists in Beego versions prior to 2.3.6, which stems from a cross-site scripting attack in the RenderForm function that could lead to session hijacking, credential theft, or...
FreeType invalid free() flaw
FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary PFB file, which triggers a free of arbitrary memory locations, leading to memory corruption...