3 matches found
CVE-2025-48947 NextJS-Auth0 SDK Vulnerable to CDN Caching of Session Cookies
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. In Auth0 Next.js SDK versions 4.0.1 through 4.6.0, session cookies set by auth0.middleware may be cached by CDNs due to missing Cache-Control headers. Three preconditions must be met in order for...
BIT-GITLAB-2024-10383 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab VSCode Fork
An issue has been discovered in the gitlab-web-ide-vscode-fork component distributed over CDN affecting all versions prior to 1.89.1 and used by all versions of GitLab CE/EE starting from 15.11 prior to 17.3 and which also temporarily affected versions 17.4, 17.5 and 17.6, where a XSS attack was...
cdn.bianguo.com.cn Improper Access Control vulnerability
Open Bug Bounty ID: OBB-593812 Description| Value ---|--- Affected Website:| cdn.bianguo.com.cn Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:| 6.5...