11 matches found
EUVD-2022-24839
Malicious code in bioql PyPI...
CVE-2022-1543
Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4. When the text size is large enough the service results in a momentary outage in a production environment. That can lead to memory corruption on the server...
CVE-2022-1543
Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4. When the text size is large enough the service results in a momentary outage in a production environment. That can lead to memory corruption on the server...
Design/Logic Flaw
Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4. When the text size is large enough the service results in a momentary outage in a production environment. That can lead to memory corruption on the server...
CVE-2022-1543
CVE-2022-1543 affects erudika/scoold prior to 1.49.4. The root cause is improper handling of the Length parameter in large text inputs, which can cause a momentary outage and potential memory corruption on the server. CVSS metrics indicate high/critical impact (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H...
CVE-2022-1543 Improper handling of Length parameter in erudika/scoold
Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4. When the text size is large enough the service results in a momentary outage in a production environment. That can lead to memory corruption on the server...
CVE-2022-1543 Improper handling of Length parameter in erudika/scoold
Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4. When the text size is large enough the service results in a momentary outage in a production environment. That can lead to memory corruption on the server...
Erudika Scoold 安全漏洞
Erudika Scoold is an open source question and answer/knowledge base platform written in Java by the Bulgarian company Erudika. A security vulnerability exists in Scoold prior to version 1.49.4, which stems from improper handling of the Length parameter. When the text size was large enough, the...
Open Redirect in erudika/scoold
Description Hi erudika scoold team, there is an Open redirect in your source code at question url Proof of Concept 1. Go to this link https://pro.scoold.com/questions/space?returnto=https://google.com 2. Observe that you are redirected to google.com Impact This vulnerability is capable of Open...
Cross-Site Request Forgery (CSRF) in erudika/scoold
Description Hi there, I would like to report a CSRF vulnerability in erudika/scoold. This allows an attacker to change the current user question space or add them to default space against their will. Proof of Concept 1. Access scoold demo at https://pro.scoold.com/ and log in 2. Access this link...
Server-Side Request Forgery (SSRF) in erudika/scoold
✍️ Description Affected URL is vulnerable to Server-Side Request Forgery SSRF. An attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address. 🕵️♂️ Proof of Concept @GetMapping"", "/id/" public String get@PathVariablerequired = false...