2 matches found
GHSA-228V-WC5R-J8M7 OliveTin Vulnerable to Unauthorized Action Output Disclosure via EventStream
Summary OliveTin’s live EventStream broadcasts execution events and action output to authenticated dashboard subscribers without enforcing per-action authorization. A low-privileged authenticated user can receive output from actions they are not allowed to view, resulting in broken access control...
Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities
Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/54773/info Barracuda Email Security Service is prone to multiple HTML-injection vulnerabilities because it fails to properly validate user-supplied input. An attacker may leverage...