7 matches found
EUVD-2020-29035
Malware in sbrugna...
CVE-2021-36400
In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions...
Design/Logic Flaw
In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions...
CVE-2021-36400
CVE-2021-36400 : In Moodle, insufficient capability checks made it possible to remove other users’ calendar URL subscriptions. The connected documents indicate the issue is a permissions flaw within the Moodle calendar subscriptions feature, with the CVSS base score 5.3 (Medium) and a leading imp...
PYSEC-2021-82
Plone through 5.2.4 allows remote authenticated managers to conduct SSRF attacks via an event ical URL, to read one line of a file...
CVE-2020-8138
A missing check for IPv4 nested inside IPv6 in Nextcloud server 17.0.1, 16.0.7, and 15.0.14 allowed a Server-Side Request Forgery SSRF vulnerability when subscribing to a malicious calendar URL...
Server side request forgery (ssrf)
A missing check for IPv4 nested inside IPv6 in Nextcloud server 17.0.1, 16.0.7, and 15.0.14 allowed a Server-Side Request Forgery SSRF vulnerability when subscribing to a malicious calendar URL...