3 matches found
EUVD-2024-33350
Malicious code in bioql PyPI...
CVE-2025-48480 FreeScout Has Business Logic Errors
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, an authorized user with the administrator role or with the privilege User::PERMEDITUSERS can create a user, specifying the path to the user's avatar ../.htaccess during creation, and then delete the user's...
CVE-2022-1384 Authorized users are allowed to install old plugin versions from the Marketplace
Mattermost version 6.4.x and earlier fails to properly check the plugin version when a plugin is installed from the Marketplace, which allows an authenticated and an authorized user to install and exploit an old plugin version from the Marketplace which might have known vulnerabilities...