4 matches found
ApostropheCMS 安全漏洞
ApostropheCMS is a full-stack content management system open source by Apostrophe Technologies. Versions of ApostropheCMS 4.28.0 and earlier contained security vulnerabilities. These vulnerabilities were caused by an authorization bypass in the getRestQuery method of the @apostrophecms/piece-type...
CVE-2025-62292
In SonarQube before 25.6, 2025.3 Commercial, and 2025.1.3 LTA, authenticated low-privileged users can query the /api/v2/users-management/users endpoint and obtain user fields intended for administrators only, including the email addresses of other accounts...
CVE-2025-62292
In SonarQube before 25.6, 2025.3 Commercial, and 2025.1.3 LTA, authenticated low-privileged users can query the /api/v2/users-management/users endpoint and obtain user fields intended for administrators only, including the email addresses of other accounts...
PT-2023-30152 · Unknown · Pac Device
Name of the Vulnerable Software and Affected Versions: PAC Device affected versions not specified Description: The web interface of the PAC Device allows the device administrator user profile to store malicious scripts in some fields. The stored malicious script is then executed when the GUI is...