3 matches found
CVE-2026-59227 Open WebUI: POST /api/v1/images/edit bypasses the global image-edit switch and the per-user image-generation permission
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.8.11 before 0.10.0, POST /api/v1/images/edit required only a verified account and did not enforce the global image-edit switch or the per-user image-generation permission, allowing a non-admin user to...
MediaWiki 安全漏洞
MediaWiki is a free and free-to-use web-based wiki engine from the U.S. Wikimedia MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. mediaWiki suffers from an authorization issue vulnerability that stems from a lack of...
UBUNTU-CVE-2016-9645
The fix for ikiwiki for CVE-2016-10026 was incomplete resulting in editing restriction bypass for git revert when using git versions older than 2.8.0. This has been fixed in 3.20161229...