3 matches found
CVE-2026-59897 Hono: API Gateway v1 adapter can drop a distinct repeated request header value during de-duplication
Hono is a Web application framework that provides support for any JavaScript runtime. From 4.3.3 before 4.12.27, the AWS API Gateway v1 adapter can drop a distinct repeated request header value because it de-duplicates values using a substring comparison instead of an exact match, so middleware o...
CVE-2020-27621
The FileImporter extension in MediaWiki through 1.35.0 was not properly attributing various user actions to a specific user's IP address. Instead, for various actions, it would report the IP address of an internal Wikimedia Foundation server by omitting X-Forwarded-For data. This resulted in an...
Jfinal CMS 跨站脚本漏洞
Jfinal CMS is a powerful information consulting website developed in java, using the simple and powerful JFinal as the web framework, template engine with beetl, database with mysql, and front-end bootstrap framework. cross-site scripting vulnerability exists in Jfinal CMS v5.1.0. The vulnerabili...