CVE-2021-47776

Umbraco CMS v8.14.1 contains a server-side request forgery vulnerability that allows attackers to manipulate baseUrl parameters in multiple dashboard and help controller endpoints. Attackers can craft malicious requests to the GetContextHelpForPage, GetRemoteDashboardContent, and...

Tdarr 操作系统命令注入漏洞

Tdarr is a multimedia transcoding automation platform from Tdarr Inc. Tdarr version 2.00.15 suffers from an operating system command injection vulnerability that stems from unauthenticated remote code execution in the Help endpoint, which could lead an attacker to inject and link arbitrary comman...

Citrix NetScaler Nitro help/rt/large_search.html Cross-Site Scripting Vulnerability

Citrix NetScaler is a network traffic management product. A cross-site scripting vulnerability in Citrix NetScaler help/rt/largesearch.html allows an attacker to inject malicious script code via the searchQuery parameter...