2 matches found
PT-2023-1347 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.9 through 15.3.4 GitLab CE/EE versions 15.4 through 15.4.3 GitLab CE/EE versions 15.5 through 15.5.1 Description: The issue is related to a flaw in the authorization procedure when managing keys and tokens using...
docsify 跨站脚本漏洞
docsify is a documentation website generator. A cross-site scripting vulnerability exists in docsify versions prior to 4.12.0. The vulnerability stems from the fact that it is possible to bypass the isURL external check by inserting more "////" characters to clean up the HTML code on the homepage...