2 matches found
Note Mark 授权问题漏洞
Note Mark is a web-based Markdown note-taking application developed by Leo Spratt. Version 0.19.2 of Note Mark contains an authorization vulnerability. This vulnerability stems from the IsPasswordMatch function falling back to a hardcoded bcrypt empty password placeholder, allowing unauthenticate...
PT-2022-12364 · Apache · Apache Kylin
Name of the Vulnerable Software and Affected Versions: Apache Kylin versions 2.6.6 and prior Apache Kylin versions 3.1.2 and prior Apache Kylin versions 4.0.0 and prior Description: Apache Kylin provides encryption classes PasswordPlaceholderConfigurer to help users encrypt their passwords. In th...