2360 matches found
PT-2024-14019 · Ibm · Ibm Powersc
Name of the Vulnerable Software and Affected Versions: IBM PowerSC versions 1.3 through 2.1 Description: The issue allows an authenticated user to impersonate another user on the system because sessions are not invalidated after logout. Recommendations: For IBM PowerSC versions 1.3 through 2.1,...
kernel: scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during logout when accessing the shost ipaddress Bug report and analysis from Ding Hui. During iSCSI session logout, if another task accesses the shost ipaddress attr, we can get a KASAN UAF report like...
kernel: scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during logout when accessing the shost ipaddress Bug report and analysis from Ding Hui. During iSCSI session logout, if another task accesses the shost ipaddress attr, we can get a KASAN UAF report like...
kernel: scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during logout when accessing the shost ipaddress Bug report and analysis from Ding Hui. During iSCSI session logout, if another task accesses the shost ipaddress attr, we can get a KASAN UAF report like...
Open Redirect
Flarum is vulnerable to Open Redirect. The vulnerability is caused due to a lack of proper sanitization in the handling of the redirect parameters within the /logout route. This allows an attacker to craft a URL with a malicious redirect parameter...
CVE-2024-21641
Flarum is open source discussion platform software. Prior to version 1.8.5, the Flarum /logout route includes a redirect parameter that allows any third party to redirect users from a trusted domain of the Flarum installation to redirect to any link. For logged-in users, the logout must be...
CVE-2024-21641 Flarum's Logout Route allows open redirects
Flarum is open source discussion platform software. Prior to version 1.8.5, the Flarum /logout route includes a redirect parameter that allows any third party to redirect users from a trusted domain of the Flarum installation to redirect to any link. For logged-in users, the logout must be...
CVE-2024-21641 Flarum's Logout Route allows open redirects
Flarum is open source discussion platform software. Prior to version 1.8.5, the Flarum /logout route includes a redirect parameter that allows any third party to redirect users from a trusted domain of the Flarum installation to redirect to any link. For logged-in users, the logout must be...
GHSA-733R-8XCP-W9MR Flarum's logout Route allows open redirects
Impact The Flarum /logout route includes a redirect parameter that allows any third party to redirect users from a trusted domain of the Flarum installation to redirect to any link. Sample: example.com/logout?return=https://google.com. For logged-in users, the logout must be confirmed. Guests are...
Flarum's logout Route allows open redirects
Impact The Flarum /logout route includes a redirect parameter that allows any third party to redirect users from a trusted domain of the Flarum installation to redirect to any link. Sample: example.com/logout?return=https://google.com. For logged-in users, the logout must be confirmed. Guests are...
Flarum Input Validation Error Vulnerability
Flarum is an open source forum system for the Flarum community. An input validation error vulnerability exists in Flarum versions prior to 1.8.5, which stems from the logout route containing a redirection parameter that allows any third party to redirect users from a trusted domain to any link...
PT-2024-18991 · Flarum · Flarum
Name of the Vulnerable Software and Affected Versions: Flarum versions prior to 1.8.5 Description: The Flarum /logout route includes a redirect parameter that allows any third party to redirect users from a trusted domain of the Flarum installation to any link. For logged-in users, the logout mus...
MdAlAmin-aol Own Health Record Cross-Site Request Forgery Vulnerability
MdAlAmin-aol Own Health Record is a personal health record software by the individual developer of MdAlAmin-aol. A cross-site request forgery vulnerability exists in MdAlAmin-aol Own Health Record, which stems from a cross-site request forgery vulnerability in the file includes/logout.php. Affect...
PT-2023-10833 · Unknown · Mdalamin-Aol Own Health Record
Name of the Vulnerable Software and Affected Versions: MdAlAmin-aol Own Health Record versions 0.1-alpha through 0.3.1-alpha Description: This issue affects some unknown processing of the file includes/logout.php. The manipulation leads to cross-site request forgery. The attack may be initiated...
CVE-2023-41648
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Swapnil V. Patil Login and Logout Redirect.This issue affects Login and Logout Redirect: from n/a through 2.0.3...
CVE-2023-41648
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Swapnil V. Patil Login and Logout Redirect.This issue affects Login and Logout Redirect: from n/a through 2.0.3...
CVE-2023-41648
CVE-2023-41648 is an Open Redirect vulnerability affecting the WordPress plugin Login and Logout Redirect by Swapnil V. Patil (versions n/a through 2.0.3). The issue allows redirection to untrusted sites via the plugin’s login/logout redirect flow. Public details in connected sources name the aff...
CVE-2023-41648 WordPress Login and Logout Redirect Plugin <= 2.0.3 is vulnerable to Open Redirection
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Swapnil V. Patil Login and Logout Redirect.This issue affects Login and Logout Redirect: from n/a through 2.0.3...
CVE-2023-41648 WordPress Login and Logout Redirect Plugin <= 2.0.3 is vulnerable to Open Redirection
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Swapnil V. Patil Login and Logout Redirect.This issue affects Login and Logout Redirect: from n/a through 2.0.3...
WordPress plugin Login and Logout Redirect Input Validation Error Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An input validation error vulnerability...