2 matches found
GHSA-Q59X-JC9F-GFQF Signal K Server: Server-Side Request Forgery via Remote Connection Endpoints
Summary signalk-server versions up to and including 2.27.0 contain a Server-Side Request Forgery SSRF vulnerability in three administrative endpoints used for remote Signal K server connection management. The makeRemoteRequest function accepts attacker-controlled host, port, useTLS, and...
Netskope Client 安全漏洞
Netskope Client is a client program for connecting to manage the Netskope Cloud Platform from Netskope USA. A security vulnerability exists in Netskope Client that stems from insufficient authentication of server connection endpoints, which could result in elevated privileges for local users...