14 matches found
CVE-2026-33955
Notesnook: A stored XSS in the note history diff viewer (Web/Desktop) can lead to remote code execution in the desktop app. Trigger occurs when an attacker-controlled note header is rendered with dangerouslySetInnerHTML, and, when combined with the full backup/restore feature, is exploitable due ...
EUVD-2024-33482
Malicious code in bioql PyPI...
CVE-2024-10043
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4 all versions starting from 17.6 before 17.6.2, that allows group users to view confidential incident title through the Wiki History Diff feature,...
BIT-GITLAB-2024-10043 Incorrect Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4 all versions starting from 17.6 before 17.6.2, that allows group users to view confidential incident title through the Wiki History Diff feature,...
CVE-2024-10043
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4 all versions starting from 17.6 before 17.6.2, that allows group users to view confidential incident title through the Wiki History Diff feature,...
UBUNTU-CVE-2024-10043
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4 all versions starting from 17.6 before 17.6.2, that allows group users to view confidential incident title through the Wiki History Diff feature,...
CVE-2024-10043 Incorrect Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4 all versions starting from 17.6 before 17.6.2, that allows group users to view confidential incident title through the Wiki History Diff feature,...
CVE-2024-10043 Incorrect Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4 all versions starting from 17.6 before 17.6.2, that allows group users to view confidential incident title through the Wiki History Diff feature,...
CVE-2024-10043
Removed by vendor...
CVE-2024-10043 Incorrect Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4 all versions starting from 17.6 before 17.6.2, that allows group users to view confidential incident title through the Wiki History Diff feature,...
CVE-2024-10043
CVE-2024-10043 affects GitLab EE versions 14.3–before 17.4.6, 17.5–before 17.5.4, and 17.6–before 17.6.2. The issue allows group users to view confidential incident titles via the Wiki History Diff feature, leading to information disclosure. The documents indicate fixes in the applicable lines: u...
PT-2024-10157 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 14.3 through 17.4.6 GitLab EE versions 17.5 through 17.5.4 GitLab EE versions 17.6 through 17.6.2 Description: The issue is related to the Wiki History Diff feature in GitLab EE, which allows group users to view confidentia...
XWiki Platform 安全漏洞
XWiki Platform is the XWiki Foundation's suite of Wiki platforms for creating Web collaboration applications. A security vulnerability exists in XWiki Platform that stems from the ability to access a password's hash value whenever the object storing the password is deleted, by using the diff...
PT-2024-24095 · Xwiki · Xwiki Platform
Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 5.0-rc-1 through 14.10.18 XWiki Platform versions 14.10.19 through 15.5.3 XWiki Platform versions 15.5.4 through 15.9-rc-1 Description: The issue allows access to the hash of a password by using the diff feature of the...