5 matches found
EUVD-2026-43135
The SurfLink - Ultimate Link Manager plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the ajaximport410 function in all versions up to 2.6.0. This is due to a missing capability check currentusercan and missing nonce verification...
Exposure Of Sensitive Information
github.com/rancher/rancher is vulnerable to Exposure of Sensitive Information. The vulnerability is due to sensitive data being written to Rancher audit logs, which allows an attacker with access to these logs to obtain secret data, cluster import URLs, and registration tokens...
CVE-2024-58269
CVE-2024-58269 affects Rancher Manager where sensitive data (secrets, cluster import URLs, registration tokens) can be exposed to anyone with access to Rancher audit logs. Root cause: leakage through audit logs containing full request/response bodies, including secrets annotated in Kubernetes obj...
SUSE CVE-2024-58269
A vulnerability has been identified in Rancher Manager, where sensitive information, including secret data, cluster import URLs, and registration tokens, is exposed to any entity with access to Rancher audit logs...
Rancher exposes sensitive information through audit logs
Impact Note: The exploitation of this issue requires that the malicious user have access to Rancher’s audit log storage. A vulnerability has been identified in Rancher Manager, where sensitive information, including secret data, cluster import URLs, and registration tokens, is exposed to any enti...