Boost Note 注入漏洞

Boost Note is an open source developer-friendly workspace with IDE-like UX. it provides the following features focusing on information management and searchability. A security vulnerability exists in Boost Note versions prior to 0.22.0 that stems from a lack of effective filtering and validation ...

PT-2021-17779 · Camunda · Camunda Modeler

Name of the Vulnerable Software and Affected Versions: Camunda Modeler versions through 4.6.0 Description: The issue allows arbitrary file access. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which manipulates the readFile and writeFile API...