4 matches found
CVE-2019-10049
It is possible for an attacker with regular user access to the web application of Pydio through 8.2.2 to trick an administrator user into opening a link shared through the application, that in turn opens a shared file that contains JavaScript code that is executed in the context of the victim use...
CVE-2019-10049
The CVE-2019-10049 entry concerns Pydio Core (versions up to 8.2.2) where a user with regular access can be manipulated into opening a shared file containing JavaScript that runs in the victim’s browser context, enabling leakage of sensitive data (e.g., session identifiers) and actions on behalf ...
Pydio 8 Command Execution / Cross Site Scripting
SecureAuth - SecureAuth Labs Advisory http://www.secureauth.com/ Pydio 8 Multiple Vulnerabilities 1. Advisory Information Title: Pydio 8 Multiple Vulnerabilities Advisory ID: SAUTH-2019-0002 Advisory URL: https://www.secureauth.com/labs/advisories/pydio-8-multiple-vulnerabilities Date published:...
Pydio 8 Command Execution / Cross Site Scripting Vulnerabilities
Pydio 8 suffers from cross site scripting, command injection, and various other vulnerabilities. Pydio 8 Multiple Vulnerabilities 1. Advisory Information Title: Pydio 8 Multiple Vulnerabilities Advisory ID: SAUTH-2019-0002 Advisory URL:...