Zimbra 安全漏洞

Zimbra is an open source email collaboration platform from Zimbra, Inc. A security vulnerability exists in Zimbra versions 9.0 through 10.1, which stems from a lack of CSRF token validation on GraphQL endpoints, which could lead to unauthorized operations...

CVE-2023-46942

Lack of authentication in NPM's package @evershop/evershop before version 1.0.0-rc.8, allows remote attackers to obtain sensitive information via improper authorization in GraphQL endpoints...