izone 安全漏洞

izone is a Django-based blogging project by the individual developer of Hopetree. A security vulnerability exists in izone, which stems from the AddCommintView function in appscommentviews.py contains a cross-site scripting XSS vulnerability...

CVE-2024-50811

hopetree izone lts c011b48 contains a server-side request forgery SSRF vulnerability in the active push function as \apps\tool\apis\bdpush.py does not securely filter user input through pushurls and geturls...