3 matches found
The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager lies in the lack of a mechanism for verifying input data during backup scenarios. This allows a malicious actor to execute arbitrary code with SYSTEM privileges.
The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager is related to deficiencies in the mechanism for verifying input data during backup scenario execution. Exploiting this vulnerability could allow an attacker, operating...
Improper Validation of Consistency within Input
Overview Affected versions of this package are vulnerable to Improper Validation of Consistency within Input through the internalImportFromBackup process in lxd/apiinternal.go. An attacker can create a backup archive with a benign backup/index.yaml and a malicious backup/container/backup.yaml, th...
Cross-site Scripting (XSS)
Overview @saltcorn/data is a Data models for Saltcorn, open-source no-code platform Affected versions of this package are vulnerable to Cross-site Scripting XSS and code execution, via the name parameter on the /admin/edit-codepage endpoint and improper handling of backup password input to the...