15 matches found
CVE-2026-30954
LinkAce is a self-hosted archive to collect website links. In 2.1.0 and earlier, the processTaxonomy method in LinkRepository.php allows authenticated users to attach other users' private tags and lists to their own links by passing integer IDs...
CVE-2026-30954
LinkAce is a self-hosted archive to collect website links. In 2.1.0 and earlier, the processTaxonomy method in LinkRepository.php allows authenticated users to attach other users' private tags and lists to their own links by passing integer IDs...
CVE-2026-30954 LinkAce has a Cross-User Tag/List Attachment IDOR in processTaxonomy()
LinkAce is a self-hosted archive to collect website links. In 2.1.0 and earlier, the processTaxonomy method in LinkRepository.php allows authenticated users to attach other users' private tags and lists to their own links by passing integer IDs...
CVE-2026-30954 LinkAce has a Cross-User Tag/List Attachment IDOR in processTaxonomy()
LinkAce is a self-hosted archive to collect website links. In 2.1.0 and earlier, the processTaxonomy method in LinkRepository.php allows authenticated users to attach other users' private tags and lists to their own links by passing integer IDs...
CVE-2026-30954
LinkAce is a self-hosted archive to collect website links. In 2.1.0 and earlier, the processTaxonomy method in LinkRepository.php allows authenticated users to attach other users' private tags and lists to their own links by passing integer IDs...
EUVD-2026-10876
LinkAce is a self-hosted archive to collect website links. In 2.1.0 and earlier, the processTaxonomy method in LinkRepository.php allows authenticated users to attach other users' private tags and lists to their own links by passing integer IDs...
EUVD-2026-10877
LinkAce is a self-hosted archive to collect website links. In 2.1.0 and earlier, the processTaxonomy method in LinkRepository.php allows authenticated users to attach other users' private tags and lists to their own links by passing integer IDs...
CVE-2026-30954 LinkAce has a Cross-User Tag/List Attachment IDOR in processTaxonomy()
LinkAce is a self-hosted archive to collect website links. In 2.1.0 and earlier, the processTaxonomy method in LinkRepository.php allows authenticated users to attach other users' private tags and lists to their own links by passing integer IDs...
LinkAce 安全漏洞
LinkAce is a self-hosted repository developed by Kevin Woblick, designed to collect links to your favorite websites. Versions of LinkAce 2.1.0 and earlier contained security vulnerabilities, stemming from an improper authorization in the processTaxonomy method. This vulnerability could potentiall...
CVE-2025-62721 LinkAce: Authorization Bypass Allows Unauthorized Access to All Private Links, Lists, and Tags
LinkAce is a self-hosted archive to collect website links. In versions 2.3.1 and below, authenticated RSS feed endpoints in the FeedController class fail to implement proper authorization checks, allowing any authenticated user to access all links, lists, and tags from all users in the system,...
CVE-2025-62721 LinkAce: Authorization Bypass Allows Unauthorized Access to All Private Links, Lists, and Tags
LinkAce is a self-hosted archive to collect website links. In versions 2.3.1 and below, authenticated RSS feed endpoints in the FeedController class fail to implement proper authorization checks, allowing any authenticated user to access all links, lists, and tags from all users in the system,...
EUVD-2023-29711
Malicious code in bioql PyPI...
CVE-2023-25819
Discourse is an open source platform for community discussion. Tags that are normally private are showing in metadata. This affects any site running the tests-passed or beta branches = 3.1.0.beta2. The issue is patched in the latest beta and tests-passed version of Discourse...
CVE-2023-25819 Discourse tags with no visibility are leaking into og:article:tag
Discourse is an open source platform for community discussion. Tags that are normally private are showing in metadata. This affects any site running the tests-passed or beta branches = 3.1.0.beta2. The issue is patched in the latest beta and tests-passed version of Discourse...
Discourse 信息泄露漏洞
Discourse is an open source community discussion platform. The platform includes features such as communities, email and chat rooms. Discourse suffers from a security vulnerability that stems from private tags being displayed in metadata...