3 matches found
CVE-2026-27832 Group-Office Has Authenticated SQL Injection in advancedQueryData.comparator
Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.8, 25.0.87, and 6.8.153 have a SQL Injection SQLi vulnerability, exploitable through the advancedQueryData parameter comparator field on an authenticated endpoint. The endpoint...
Keycloak 安全漏洞
Keycloak is an open source identity and access management solution from Keycloak Open Source. A security vulnerability exists in versions of Keycloak prior to 26.0.8, which stems from the possibility that an administrator user may be able to access sensitive server environment variables and syste...
Keycloak 安全漏洞
Keycloak is an open source identity and access management solution from Keycloak Open Source. A security vulnerability exists in Keycloak versions prior to 26.0.8 that stems from the presence of a denial-of-service vulnerability that could allow an administrative user with the privilege to change...