1892 matches found
Kirby is missing permission checks in the content changes API
TL;DR This vulnerability affects all Kirby sites where user permissions are configured to prevent specific roles from performing write actions, specifically by disabling the update permission with the intent to prevent modifications to site content. If developers haven't configured any user...
GHSA-4J78-4XRM-CR2F Kirby is missing permission checks in the content changes API
TL;DR This vulnerability affects all Kirby sites where user permissions are configured to prevent specific roles from performing write actions, specifically by disabling the update permission with the intent to prevent modifications to site content. If developers haven't configured any user...
Malicious code in json-babel-regulus-void (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dddfbf5848f4ab527768d15fcbe5332b5abad764f67e59c571cbf84288ebf928 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in eslint-config-nestjs-deneb-geckodriver (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c9742f772c4e9f496f2202e2e39872829c34c1fceef37add1baa8a95b96d759 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in private-centauri-miranda-areology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cb0c2d671266707cddfd0b90b331766a59020115915d2ad62a7b52a0b450305 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in meteor-chalk-blueshift-gulp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3261ab78dad9de4315430701c10bbd595ac7f1148a275b466115baea23d4af22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in deimos-redshift-plutology-google (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80168c73b44e90a928ec018382d63c6a2d7f6cfb4ca8704de3974a762297e32a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in bunyan-spectron-webdriver-less-magellan (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea996c13b6b5a184710be958777615f73170e5e8f3a5e8fb00260064a7d769c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in jabbah-areology-archaeometry-vega (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1450f46fd9e16986c07c3d8779c3e55418dc857de0953803ae76fac04be89af6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in mysql-joviology-eslint-config-exoplanetology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 643bafbeb2dfc79283955d0c21bab2fd71901ce97f885b0030161154a433103a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in ionosphere-triton-selenium-janus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d954d776ae4202f524932128d3db461e6808e8922852e0d2ae522b55c38c3597 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in spectroscopy-dotenv-cassini-sedimentology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0877ae9987490da3e59673ad1d155843077b9fb9419c1942c74445d2543962a3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in supervisor-helios-stream-rate-limiter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a44cac380e2a9e5d329604fac7b6379508564a6b89d5771cd9cadb663d17c205 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lepton-async-archaeogenetics-exoplanet (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f676584cd19d58d3daad93d526fe717b85cbea7fc7cfdbdf085a8c6a7d81fef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in leda-epigenetics-redshift-geochronology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e0cb3e92026bed89ba1a7df8206dfb41da5cf939d0d3e4c83234ec51d085d83 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in zenobia-zephyr-dactyl-planetology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b41972a45f6193c0e871bc179bdd7dab9cdffb8574219b66bed2cd9c14afd2a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in futurology-arcturus-saturnology-leda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cee2cbdc2bc3dff01e44b79762d6c94d9ca914096274d79ac432f730d252e8f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in octans-sedna-entanglement-xerxes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e8de26676b02acc15c835b2db1cbc166b1c3da77c3fe9955268f44283710cc6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cold-cron-object-chi-export (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45c60002ac5653229eb6215aa13f4ec5c490f97c72faf60b5a0be727c9092c4d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in passport-auth0-levels-biomimicry (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b0bee65acdf68a6737b8995d1143686b1ef9027fdabf5ae14fdd070cbbf7242 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...