5 matches found
EUVD-2024-21275
Malicious code in bioql PyPI...
CVE-2024-23832
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows configuration of LDAP for authentication. Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account. Every Mastodon version prior to 3.5.17 is...
CVE-2024-23832 Mastodon Remote user impersonation and takeover
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows configuration of LDAP for authentication. Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account. Every Mastodon version prior to 3.5.17 is...
Bobronix JEditor editor for Jira cross-site request forgery vulnerability
Bobronix JEditor editor for Jira is a rich text editor for Jira from Bobronix Cyprus. A cross-site request forgery vulnerability exists in Bobronix JEditor editor for Jira versions prior to 3.0.6. The vulnerability stems from a web application that does not adequately validate that a request is...
CVE-2019-5773
CVE-2019-5773: Insufficient origin validation in IndexedDB in Google Chrome before 72.0.3626.81 allows a remote attacker who compromised the renderer process to bypass the same-origin policy via a crafted HTML page. Affected product/version: Google Chrome (IndexedDB). Root cause: origin validati...