Tyler Identity Local 安全漏洞

Tyler Identity Local is a government and public sector identity authentication and local identity management system developed by the American company Tyler. Tyler Identity Local has a security vulnerability, which stems from the use of documented default management credentials. Users do not need ...

CVE-2026-42560 auth: Patreon provider assigns the same local user ID to every authenticated Patreon account, enabling cross‑user impersonation

auth provides authentication via oauth2, direct and email. From versions 1.18.0 to before 1.25.2 and 2.0.0 to before 2.1.2, the Patreon OAuth provider maps every authenticated Patreon account to the same local user.ID, instead of deriving a unique ID from the Patreon account returned by Patreon. ...

EUVD-2022-27276

Malicious code in bioql PyPI...

CVE-2022-22127

Tableau is aware of a broken access control vulnerability present in Tableau Server affecting Tableau Server customers using Local Identity Store for managing users. The vulnerability allows a malicious site administrator to change passwords for users in different sites hosted on the same Tableau...

CVE-2022-40724

The PingFederate Local Identity Profiles '/pf/idprofile.ping' endpoint is vulnerable to Cross-Site Request Forgery CSRF through crafted GET requests...

CVE-2022-40724

The PingFederate Local Identity Profiles '/pf/idprofile.ping' endpoint is vulnerable to Cross-Site Request Forgery CSRF through crafted GET requests...

CVE-2022-40724 Cross-Site Request Forgery on PingFederate Local Identity Profiles Endpoint.

The PingFederate Local Identity Profiles '/pf/idprofile.ping' endpoint is vulnerable to Cross-Site Request Forgery CSRF through crafted GET requests...

CVE-2022-40724

CVE-2022-40724 affects PingFederate Local Identity Profiles endpoint /pf/idprofile.ping and is a Cross-Site Request Forgery vulnerability triggered by crafted GET requests. Root cause: CSRF on the /pf/idprofile.ping endpoint as described in the CVE record. Impact, per NVD metrics, include high co...

Tableau Server Broken Access Control (CVE-2022-22127)

Tableau is aware of a broken access control vulnerability present in Tableau Server affecting Tableau Server customers using Local Identity Store for managing users. The vulnerability allows a malicious site administrator to change passwords for users in different sites hosted on the same Tableau...

CVE-2022-22127

Tableau is aware of a broken access control vulnerability present in Tableau Server affecting Tableau Server customers using Local Identity Store for managing users. The vulnerability allows a malicious site administrator to change passwords for users in different sites hosted on the same Tableau...

CVE-2022-22127

Tableau is aware of a broken access control vulnerability present in Tableau Server affecting Tableau Server customers using Local Identity Store for managing users. The vulnerability allows a malicious site administrator to change passwords for users in different sites hosted on the same Tableau...

CVE-2022-22127

Tableau is aware of a broken access control vulnerability present in Tableau Server affecting Tableau Server customers using Local Identity Store for managing users. The vulnerability allows a malicious site administrator to change passwords for users in different sites hosted on the same Tableau...

CVE-2022-22127

Tableau Server (Local Identity Store) is affected by a broken access control vulnerability (CVE-2022-22127). A malicious site administrator can change passwords for users across different sites hosted on the same Tableau Server, enabling unauthorized access to data. Affected versions include 2020...

PT-2022-15263 · Tableau · Tableau Server

Name of the Vulnerable Software and Affected Versions: Tableau Server versions 2020.4.16 through 2021.4.4 and earlier Description: A broken access control issue is present in Tableau Server, affecting customers who use Local Identity Store for user management. This issue allows a malicious site...