2 matches found
CVE-2026-54756
The CVE pertains to Jodit Editor (TypeScript WYSIWYG) where versions prior to 4.12.18 expose a Prototype Pollution risk via Jodit.configure(options) and internal ConfigMerge/ConfigProto, which may merge user-controlled options (e.g., under a plain-object option like controls) into Object.prototyp...
Craft CMS 安全漏洞
Craft CMS is an open-source content management system developed by Craft Studio. Versions of Craft CMS from 5.6.0 to 5.9.11 contained security vulnerabilities. These vulnerabilities stemmed from the $settings array returned by the parsestr method in src/controllers/EntryTypesController.php, which...