6 matches found
CVE-2026-44200
Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user with limited access to pages could copy a page they don't have access to to an area of the site they do. Once coped, they'd be able to view its contents, and potentially publish it...
CVE-2026-44200
CVE-2026-44200 Overview (Wagtail) : Wagtail (Django-based CMS) had a permission flaw where a user with limited access to pages could copy a page they cannot access to a location they can, then view its contents and potentially publish it. The root cause was that source-page permissions were not e...
PT-2026-39235
Name of the Vulnerable Software and Affected Versions Wagtail versions prior to 7.0.7 Wagtail versions prior to 7.3.2 Description Improper permission handling allows a CMS user with limited page access to copy a page they are not authorized to access to a site area where they do have permissions...
Malicious code in teate-thy-sonic-rahhek (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9f71e9a06c3c104fab7fbf1c89c3d8ddf504cbdff977b96290fb42d07b65984 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in riyanto-poke61 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af7908611f8fe804342d7507f70b24d0e882273b5a32c3914423cddcd54d690d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2022-6068
Malicious code in bioql PyPI...