2 matches found
GHSA-M92M-R54R-X8R2 Statamic CMS's unsafe method invocation via collection sorting allows data destruction
Impact The fix for GHSA-4jjr-vmv7-wh4w was incomplete. It addressed the issue in the query builder, but the same protection was not applied to in-memory collection sorting. Manipulating sort parameters could result in the loss of content and assets. This requires a front-end template that passes...
Exploring the Vulnerabilities of Seaport: A Technical Analysis of a Fake Signature Attack on Non-Fungible Tokens
Lines of code Vulnerability details Impact This finding aims to provide a comprehensive analysis of the sc4m trend, which emerged in August 2022, and has since been a prevalent issue in the WEB3 space. Despite efforts to combat this phenomenon, bad actors continue to engage in illicit activities,...