2 matches found
GHSA-XGC9-9W4V-H33H High severity vulnerability that affects org.apache.syncope:syncope-core
An administrator with report and template entitlements in Apache Syncope 1.2.x before 1.2.11 and 2.0.x before 2.0.8 can use XSL Transformations XSLT to perform malicious operations, including but not limited to file read, file write, and code execution...
CVE-2004-2390
The roster import functionality in Jabber Gadu-Gadu Transport a.k.a. jabber-gg-transport 2.0.x before 2.0.8, when using libgadu 1.0 and later, allows attackers to cause a denial of service via unknown vectors...