4 matches found
UBUNTU-CVE-2025-53113
GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 0.65 through 10.0.18, a technician can use the external links feature to fetch...
CVE-2025-53113
GLPI contains a permission/authorization bypass in the external links feature. In versions 0.65 through 10.0.18, a technician can use external links to retrieve information about items they do not have rights to see, leading to unauthorized access to sensitive data. This is fixed in version 10.0....
CVE-2020-26763
The Rocket.Chat desktop application 2.17.11 opens external links without user interaction...
Security Vulnerabilities fixed in Thunderbird ESR 128.9.2 — Mozilla
Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validate...