6 matches found

OSV
added 2025/10/08 9:30 p.m. | 3 views

GHSA-5M9M-J5P7-M7F9 Casdoor is vulnerable to Improper Authorization

An issue in the permission verification module and organization/application editing interface in Casdoor before 2.63.0 allows remote authenticated administrators of any organization within the system to bypass the system's permission verification mechanism by directly concatenating URLs after log...

CVSS 7.2 | AI score 6.8 | EPSS 0.00112
Exploits: 0 | References: 6
Tenable Nessus
added 2025/08/25 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2017-16664

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System OTRS 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In the agent...

CVSS 8.8 | AI score 7.8 | EPSS 0.0122
Exploits: 0 | References: 2
NVD
added 2022/12/29 8:15 a.m. | 11 views

CVE-2018-25058

A vulnerability classified as problematic has been found in Twitter-Post-Fetcher up to 17.x. This affects an unknown part of the file js/twitterFetcher.js of the component Link Target Handler. The manipulation leads to use of web link to untrusted target with window.opener access. It is possible ...

CVSS 6.1 | EPSS 0.00413
Exploits: 0 | References: 5
CVE
added 2022/12/29 7:56 a.m. | 47 views

CVE-2018-25058

The CVE-2018-25058 issue affects Twitter-Post-Fetcher up to version 17.x, specifically the js/twitterFetcher.js component of the Link Target Handler. The vulnerability enables a web link to an untrusted target via window.opener access and can be triggered remotely. A fix is available in version 1...

CVSS 6.1 | AI score 5.3 | EPSS 0.00413
Exploits: 0 | References: 5 | Affected Software: 1
Prion
added 2022/12/22 10:15 a.m. | 17 views

Design/Logic Flaw

A vulnerability was found in ahorner text-helpers up to 1.0.x. It has been declared as critical. This vulnerability affects unknown code of the file lib/texthelpers/translation.rb. The manipulation of the argument link leads to use of web link to untrusted target with window.opener access. The...

CVSS 5.8 | AI score 6.4 | EPSS 0.00324
Exploits: 0 | References: 4 | Affected Software: 1
CNVD
added 2018/06/08 12:0 a.m. | 1 views

Cypserver Directory Traversal Vulnerability

cypserver is a static file server. A directory traversal vulnerability exists in cypserver. An attacker can exploit this vulnerability by placing "... /" in a URL to access the file system...

CVSS 7.5 | AI score 7.5 | EPSS 0.00533
Exploits: 1 | References: 1