4 matches found
CVE-2026-3527 AJAX Dashboard - Critical - Access bypass - SA-CONTRIB-2026-022
Missing Authentication for Critical Function vulnerability in Drupal AJAX Dashboard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AJAX Dashboard: from 0.0.0 before 3.1.0...
PT-2023-19958 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.0.1 of the stable branch Discourse versions prior to 3.1.0.beta2 of the beta and tests-passed branches Description: Discourse is an open-source discussion platform. A maliciously crafted URL can be included in a...
GHSA-H3QG-W9J5-WH3M Mattermost Server is vulnerable to XSS through lack of link relationship attributes `noreferrer` and `noopener`
An issue was discovered in Mattermost Server before 3.1.0. It allows XSS because the noreferrer and noopener protection mechanisms were not in place...
HTTPie 信息泄露漏洞
HTTPie is a command line HTTP client. An information disclosure vulnerability exists in HTTPie, which stems from the product's didna not being able to distinguish between hosts to which a cookie belongs. This vulnerability can be exploited to cause cookie disclosure. The following products and...