4 matches found
Dragonfly 安全漏洞
Dragonfly is an open source framework from DragonflyDB that allows dynamic processing of any content type. A security vulnerability exists in Dragonfly versions prior to 2.1.0, which stems from a hard-coded use of the HTTP protocol instead of HTTPS when downloading small files in the scheduler...
CVE-2019-17220
Rocket.Chat before 2.1.0 allows XSS via a URL on a !title line...
CVE-2023-0588
The Catalyst Connect Zoho CRM Client Portal WordPress plugin before 2.1.0 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admin...
Lenovo XClarity Administrator Parameter Injection Vulnerability
Lenovo XClarity Administrator LXCA is a centralized resource management solution from Lenovo, China. The solution supports simplified infrastructure management, faster server response, and improved performance of Lenovo server systems. A parameter injection vulnerability exists in the Web API in...