3 matches found
TinyWeb 安全漏洞
TinyWeb is a simple and lightweight HTTP server developed by Konstantin Belyalov. Versions of TinyWeb prior to 2.04 contained security vulnerabilities. These vulnerabilities stemmed from the parser not strictly rejecting dangerous control characters in header lines and header values, which could...
Fedora 20 : bugzilla-4.2.9-1.fc20 (2014-5433)
Previous versions of bugzilla had the following security issues : - The login form had no CSRF protection, meaning that an attacker could force the victim to log in using the attacker's credentials. - Dangerous control characters can be inserted into Bugzilla, notably into bug comments, which can...
Fedora 19 : bugzilla-4.2.9-1.fc19 (2014-5414)
Previous versions of bugzilla had the following security issues : - The login form had no CSRF protection, meaning that an attacker could force the victim to log in using the attacker's credentials. - Dangerous control characters can be inserted into Bugzilla, notably into bug comments, which can...