4540 matches found
Cybozu Garoon Workflow Incorrect Input Validation Vulnerability
A security vulnerability exists in Workflow in Cybozu Garoon, a portal-based OA office system from Cybozu Japan. An attacker can use this vulnerability to change workflow data without proper privileges...
Cybozu Garoon message deletion vulnerability
A message deletion vulnerability exists in Cybozu Garoon, a portal-based OA office system of Cybozu Japan. An attacker can use this vulnerability to delete workflow routing information without the appropriate privileges...
Liferay Portal 和 Liferay DXP 安全漏洞
Liferay Portal and Liferay DXP are both products of Liferay, a J2EE-based portal solution that uses EJB and JMS technologies and serves as a web publishing and shared workspace, enterprise collaboration platform, social network, etc. Liferay DXP is a digital experience collaboration platform...
Multiple vulnerabilities in Cybozu Garoon
Overview Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-1782 Cross-site scripting vulnerability in Scheduler CWE-79 - CVE-2021-20753 CyVDB-2029 Improper input validation vulnerability in Workflow CWE-20 - CVE-2021-20754 CyVDB-2071 Viewing restrictions...
CVE-2017-18113
The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1 allows remote attackers who can trick a system administrator to import their malicious workflow to execute arbitrary code via a Remote Code Execution RCE vulnerability. The vulnerability allowed for...
Remote code execution in workflow import - CVE-2017-18113
The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1 allows remote attackers who can trick a system administrator to import their malicious workflow to execute arbitrary code via a Remote Code Execution RCE vulnerability which allowed for various...
Remote code execution in workflow import - CVE-2017-18113
The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1 allows remote attackers who can trick a system administrator to import their malicious workflow to execute arbitrary code via a Remote Code Execution RCE vulnerability which allowed for various...
PT-2021-8571 · Atlassian · Jira
Name of the Vulnerable Software and Affected Versions: Jira Server and Jira Data Center versions prior to 8.18.1 Description: The issue allows remote attackers to execute arbitrary code via a Remote Code Execution RCE vulnerability, by tricking a system administrator into importing a malicious...
Cybozu Garoon 输入验证错误漏洞
A security vulnerability exists in Workflow in Cybozu Garoon, a portal-based OA office system from Cybozu Japan. An attacker can use this vulnerability to change workflow data without proper privileges...
Argo 输入验证错误漏洞
Argo is an open source container-native workflow engine. A security vulnerability exists in Argo Workflows 3.1.3 that could allow an attacker to corrupt a workflow if EXPRESSIONTEMPLATES is enabled and an untrusted user is allowed to specify input parameters when running the workflow...
PT-2021-21906
Name of the Vulnerable Software and Affected Versions: Argo Workflows versions 3.1.3 and earlier Description: The issue arises when EXPRESSION TEMPLATES is enabled and untrusted users can specify input parameters for workflows. This allows an attacker to potentially disrupt a workflow because the...
Atlassian JIRA Server和Atlassian JIRA Data Center 代码注入漏洞
Atlassian JIRA Server and Atlassian JIRA Data Center are both products of Atlassian Australia.Atlassian JIRA Server is the server version of a defect tracking management system. The system is used to track and manage all types of issues and defects on the job.Atlassian JIRA Data Center is the dat...
CVE-2021-2343
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Notification Mailer. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2021-2343
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Notification Mailer. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
Design/Logic Flaw
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Notification Mailer. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2021-2457
Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: Request Management & Workflow. The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager...
CVE-2021-2457
Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: Request Management & Workflow. The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager...
Design/Logic Flaw
Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: Request Management & Workflow. The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager...
Oracle E-Business Suite Unauthorized Access Vulnerability (CNVD-2021-57442)
Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management, and so on, a collection of management software, is a seamless integration of a management suite. Oracle Workflow...
Oracle E-Business Suite Unauthorized Access Vulnerability (CNVD-2021-57441)
Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management, and so on, a collection of management software, is a seamless integration of a management suite. Oracle Workflow...