4 matches found
Open WebUI 安全漏洞
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.1.124 contained security vulnerabilities. These vulnerabilities stemmed from APIs that did not properly verify whether the user had the authorized user role. When...
CVE-2021-32691
Apollos Apps is an open source platform for launching church-related apps. In Apollos Apps versions prior to 2.20.0, new user registrations are able to access anyone's account by only knowing their basic profile information name, birthday, gender, etc. This includes all app functionality within t...
Apollos Apps 授权问题漏洞
Apollos Apps is an open source platform for distributing church-related applications. Apollos Apps suffers from an authorization issue vulnerability that stems from the fact that new user registrations only need to know basic personal information about anyone name, birthday, gender, etc. in order...
Freemius Library < 2.2.4 - Subscriber+ Arbitrary Option Update
Description The library, used in numerous plugins, does not have proper authorisation when updating blog options, allowing any authenticated users, such as subscriber to update arbitrary options As any authenticated user: Enable new user registrations:...