15 matches found
CVE-2026-33955
Notesnook: A stored XSS in the note history diff viewer (Web/Desktop) can lead to remote code execution in the desktop app. Trigger occurs when an attacker-controlled note header is rendered with dangerouslySetInnerHTML, and, when combined with the full backup/restore feature, is exploitable due ...
EUVD-2024-33482
Malicious code in bioql PyPI...
CVE-2024-10043
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4, all versions starting from 17.6 before 17.6.2, that allows group users to view confidential incident title through the Wiki History Diff feature,...
The vulnerability of the Wiki History Diff component of the Git-based software platform for collaborative code development on GitLab allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Wiki History Diff component in the Git-based software platform for collaborative code development on GitLab is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access t...
BIT-GITLAB-2024-10043 Incorrect Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4, all versions starting from 17.6 before 17.6.2, that allows group users to view confidential incident title through the Wiki History Diff feature,...
CVE-2024-10043
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4, all versions starting from 17.6 before 17.6.2, that allows group users to view confidential incident title through the Wiki History Diff feature,...
UBUNTU-CVE-2024-10043
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4, all versions starting from 17.6 before 17.6.2, that allows group users to view confidential incident title through the Wiki History Diff feature,...
CVE-2024-10043
CVE-2024-10043 affects GitLab EE versions 14.3–before 17.4.6, 17.5–before 17.5.4, and 17.6–before 17.6.2. The issue allows group users to view confidential incident titles via the Wiki History Diff feature, leading to information disclosure. The documents indicate fixes in the applicable lines: u...
CVE-2024-10043 Incorrect Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4, all versions starting from 17.6 before 17.6.2, that allows group users to view confidential incident title through the Wiki History Diff feature,...
CVE-2024-10043 Incorrect Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4, all versions starting from 17.6 before 17.6.2, that allows group users to view confidential incident title through the Wiki History Diff feature,...
CVE-2024-10043
Removed by vendor...
CVE-2024-10043 Incorrect Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4, all versions starting from 17.6 before 17.6.2, that allows group users to view confidential incident title through the Wiki History Diff feature,...
PT-2024-10157 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 14.3 through 17.4.6; GitLab EE versions 17.5 through 17.5.4; GitLab EE versions 17.6 through 17.6.2. Description: The issue is related to the Wiki History Diff feature in GitLab EE, which allows group users to view confidentia...
PT-2024-24095 · Xwiki · Xwiki Platform
Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 5.0-rc-1 through 14.10.18; XWiki Platform versions 14.10.19 through 15.5.3; XWiki Platform versions 15.5.4 through 15.9-rc-1. Description: The issue allows access to the hash of a password by using the diff feature of the...
XWiki Platform Security Vulnerability
XWiki Platform is the XWiki Foundation's suite of Wiki platforms for creating Web collaboration applications. A security vulnerability exists in XWiki Platform that stems from the ability to access a password's hash value whenever the object storing the password is deleted, by using the diff...