Craft CMS 安全漏洞

Craft CMS is an open-source content management system developed by Craft Studio. Vulnerabilities existed in versions of Craft CMS from 4.0.0-RC1 to 4.17.6, as well as in versions 5.0.0-RC1 to 5.9.12. These vulnerabilities stemmed from a potential exploit where low-privilege users or unverified...

CVE-2025-46703

Improper Encoding or Escaping of Output vulnerability in Hallo Welt! GmbH BlueSpice Extension:AtMentions allows Cross-Site Scripting XSS. This issue affects BlueSpice: from 5 through 5.1.1...

PT-2025-38535

Name of the Vulnerable Software and Affected Versions BlueSpice versions 5 through 5.1.1 Description An improper input validation issue exists in Hallo Welt! GmbH BlueSpice Extension:CognitiveProcessDesigner that allows for Cross-Site Scripting XSS. Recommendations Update BlueSpice to a version...

Vocera Report Server 路径遍历漏洞

Vocera Report Server is a reporting application from Vocera USA. It is used to collect data from data logs created by Vocera system software and to build reports. A security vulnerability exists in Vocera Report Server and Voice Server versions 5.x - 5.8, which stems from the fact that the Vocera...