4 matches found
CVE-2021-27770
The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded URL which is then requested by the webserver. We assume this service is used by the “meetings”-function where users can specify an external URL where the online meeting will take place...
HCL Technologies HCL Sametime Security Vulnerability
HCL Sametime is a conferencing solution from HCL Technologies. HCL Sametime version 11.6 has a security vulnerability that stems from a lack of external URL absorption in FaviconService, which could be exploited by an attacker to specify the external URL where the online meeting...
PT-2022-9858 · Hcl +1 · Sametime
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue was discovered within the FaviconService, which takes a base64-encoded URL and requests it through the webserver. It is assumed that this...
PT-2020-14464 · Duckduckgo · Duckduckgo
Name of the Vulnerable Software and Affected Versions: DuckDuckGo versions 5.58.0 and earlier for Android; DuckDuckGo versions 7.47.1.0 and earlier for iOS. Description: The application sends hostnames of visited web sites within HTTPS .ico requests to servers in the duckduckgo.com domain. This mig...