5 matches found
baserCMS Cross-Site Scripting Vulnerability
baserCMS is a corporate-level content management system (CMS) developed by the baserCMS team. Versions of baserCMS prior to 5.2.3 had a cross-site scripting vulnerability; this vulnerability originated from a blog article-related feature module and made it susceptible to cross-site scripting attack...
Linux Distros Unpatched Vulnerability : CVE-2019-16220
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect if a provided...
PT-2024-23108 · Silverstripe · Silverstripe/Reports
Name of the Vulnerable Software and Affected Versions: silverstripe/reports versions prior to 5.2.3. Description: The issue allows reports to be accessed by their direct URL by any user who has access to view the reports admin section, even if the canView method for that report returns false...
Plone XXE Vulnerability
Plone is an open source content management system. An XXE (XML External Entity injection) vulnerability exists in Plone versions prior to 5.2.3. An attacker can exploit this vulnerability to conduct XXE attacks...
grafana: authentication bypass knowing only a username of an LDAP or OAuth user
Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user...