2 matches found
CVE-2025-0503 Leaked User IDs and Metadata of Deleted DMs
Mattermost versions 9.11.x = 9.11.6 fail to filter out DMs from the deleted channels endpoint which allows an attacker to infer user IDs and other metadata from deleted DMs if someone had manually marked DMs as deleted in the database...
Apereo CAS Security Feature Issue Vulnerability
Apereo CAS is a web-based enterprise multilingual single sign-on solution. A security feature issue vulnerability exists in Apereo CAS versions prior to 6.1.0-RC5, which stems from a poorly encrypted algorithm in the RandomStringUtils PRNG, and can be exploited by an attacker to infer generated...