3 matches found
EUVD-2026-34827
The Comment API GET /api/Comment and POST /api/Comment in the affected application fails to perform authorization checks to verify that the requesting user has access to the object identified by the relatedObjectId. This Insecure Direct Object Reference IDOR vulnerability allows any authenticated...
Authorization Bypass Through User-Controlled Key
Overview praisonai-platform is a Platform layer for PraisonAI — workspace, auth, issues, projects Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key through the CommentService.create and CommentService.listforissue functions. An attacker can acces...
EUVD-2021-15909
Malware in sbrugna...