6 matches found
PYSEC-2026-148
Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user with limited access to form pages could delete submissions to form pages they don't have access to by crafting a form submission to delete submissions on a page they do have access to f...
CVE-2026-44199 Wagtail: Improper permission handling when deleting form submissions
Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user with limited access to form pages could delete submissions to form pages they don't have access to by crafting a form submission to delete submissions on a page they do have access to f...
EUVD-2025-18305
Malicious code in bioql PyPI...
XWiki Platform 注入漏洞
XWiki Platform is a suite of Wiki platforms for creating Web collaboration applications from XWiki France. XWiki Platform suffers from an injection vulnerability that stems from the ability to display or interact with any page that is inaccessible to the user through a combination of asynchronous...
CVE-2017-1000143
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to users receiving watchlist notifications about pages they do not have access to anymore...
Revive Adserver < 3.2.2 Multiple Vulnerabilities (REVIVE-SA-2015-001)
Revive Adserver is prone to multiple vulnerabilities. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...