4 matches found
EUVD-2026-29166
Open edX Platform enables the authoring and delivery of online learning at any scale. The syncproviderdata endpoint in SAMLProviderDataViewSet allows authenticated Enterprise Admin users to supply an arbitrary URL via the metadataurl POST parameter. This URL is passed directly to requests.get in...
GPT Academic Server-Side Request Forgery Vulnerability
GPT Academic is an interface that provides pragmatic interactions for LLM grand language models such as GPT/GLM. GPT Academic suffers from a server-side request forgery vulnerability that can be exploited by an attacker to cause an application to access any URL, including internal services, and...
The vulnerability of the Portal for ArcGIS web portal, related to the use of open redirection, allows a hacker to redirect a user to any given URL address.
The vulnerability of the Portal for ArcGIS web portal is related to the use of open redirection. Exploiting this vulnerability allows a malicious actor to redirect users to any given URL address...
Dompdf 安全漏洞
Dompdf is a HTML to PDF converter. A security vulnerability exists in Dompdf version 2.0.1. An attacker exploiting the vulnerability can use any protocol to call any URL...