XWiki Platform 安全漏洞

XWiki Platform is XWiki's open source suite of Wiki platforms for creating web collaboration applications. A security vulnerability exists in XWiki Platform versions prior to 15.10.12, prior to 16.4.3, and prior to 16.8.0-rc-1, which stems from a missing programmatic privilege warning that could...

HackerOne: Issue with VDP Program's Transition to Private Status and Missing Warning Labels on ORG Invitation

Vulnerability description not provided...

CVE-2024-36735

OneFlow-Inc. Oneflow v0.9.1 does not display an error or warning when the oneflow.eye parameter is floating...

CVE-2024-3863

The executable file warning was not presented when downloading .xrm-ms files. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...

SUSE CVE-2018-7685

The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during download...

Missing warning can lead to unauthenticated admin access in SilverStripe

In SilverStripe through 4.3.3, a missing warning about leaving install.php in a public webroot can lead to unauthenticated admin access...