3 matches found
CVE-2026-32266 Google Cloud Storage for Craft CMS has an Information Disclosure Vulnerability
The Google Cloud Storage for Craft CMS plugin provides a Google Cloud Storage integration for Craft CMS. In versions on the 2.x branch prior to 2.2.1, the DefaultController-actionLoadBucketData endpoint allows unauthenticated users with a valid CSRF token to view a list of buckets that the plugin...
PYSEC-2020-220
A flaw was found in Ansible Base when using the awsssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality...
Razer: Misconfigured Bucket [razer-assets2] https://assets2.razerzone.com/
The tester discovered an S3 bucket exposure at assets2.razerzone.com. We appreciate the tester bringing this to our attention...