Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the inlineRemoteCSS function during the HTML email analysis process. An attacker can cause the server to make arbitrary HTTP requests to external resources by supplying crafted HTML emails containing...

CVE-2022-48430

In JetBrains IntelliJ IDEA before 2023.1 file content could be disclosed via an external stylesheet path in Markdown preview...

PostCSS line return parsing error

An issue was discovered in PostCSS before 8.4.31. It affects linters using PostCSS to parse external Cascading Style Sheets CSS. There may be \r discrepancies, as demonstrated by @font-face font:\r/; in a rule. This vulnerability affects linters using PostCSS to parse external untrusted CSS. An...

CVE-2022-48430

In JetBrains IntelliJ IDEA before 2023.1 file content could be disclosed via an external stylesheet path in Markdown preview...

CVE-2022-48430

In JetBrains IntelliJ IDEA before 2023.1 file content could be disclosed via an external stylesheet path in Markdown preview...

CVE-2022-48430

Vulnerability CVE-2022-48430 affects JetBrains IntelliJ IDEA prior to 2023.1. The issue allows disclosing file content via an external stylesheet path used in Markdown preview, due to the way the preview handles stylesheet references. Impact: potential exposure of local file contents (confidentia...

JetBrains IntelliJ IDEA 安全漏洞

JetBrains IntelliJ IDEA is a set of integrated development environments for the Java language from the Czech company JetBrains. A security vulnerability exists in JetBrains IntelliJ IDEA versions prior to 2023.1, which stems from a file content that can lead to path disclosure via an external...

PT-2023-15774 · Jetbrains · Intellij Idea

Name of the Vulnerable Software and Affected Versions: JetBrains IntelliJ IDEA versions prior to 2023.1 Description: The issue allows file content to be disclosed via an external stylesheet path in Markdown preview. Recommendations: For versions prior to 2023.1, update to version 2023.1 or later ...

DEBIAN-CVE-2011-1492

steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not properly verify that a request is an expected request for an external Cascading Style Sheets CSS stylesheet, which allows remote authenticated users to trigger arbitrary outbound TCP connections from the server, and possibly obtain...