3 matches found
PT-2024-40192 · Unknown · Camaleon Cms +1
Name of the Vulnerable Software and Affected Versions: Camaleon CMS (affected versions not specified). Description: A stored cross-site scripting issue has been found in the image upload functionality, allowing normal registered users to upload SVG images containing JavaScript or HTML documents by...
Github Clearance input validation error vulnerability
Github Clearance uses email and password for Rails authentication. An input validation error vulnerability exists in clearance: if the value used for return_to contains multiple leading slashes (//////example.com), the user ends up being redirected to an external...
CVE-2015-7576
The http_basic_authenticate_with method in actionpack/lib/action_controller/metal/http_authentication.rb in the Basic Authentication implementation in Action Controller in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not use a...