3 matches found
Ash Authentication 访问控制错误漏洞
Ash Authentication is an Ash authentication framework open-sourced by Alembic. An access control error vulnerability exists in Ash Authentication versions prior to 4.7.0 that originates in the GET request validation process and could lead to automatic account validation...
PT-2020-19730 · Irrelon · @Irrelon/Path
Name of the Vulnerable Software and Affected Versions: irrelon-path versions prior to 4.7.0 @irrelon/path versions prior to 4.7.0 Description: The issue concerns Prototype Pollution, which can be exploited via the set, unSet, pushVal, and pullVal functions. Recommendations: For irrelon-path...
Atlassian Fisheye and Crucible Cross-Site Scripting Vulnerabilities (CNVD-2019-04923)
Atlassian Fisheye and Crucible are both products of the Australian company Atlassian, Atlassian Fisheye is a suite of in-depth viewers of source code and Crucible is a suite of code review tools. A cross-site scripting vulnerability exists in the administrative linker feature in Atlassian Fisheye...