25 matches found
Gogs Vulnerable to Privilege Escalation via Collaboration Access Mode Validation
Summary A repository admin collaborator can escalate their privileges to owner-level access by exploiting an off-by-one error in the ChangeCollaborationAccessMode function. Vulnerable Code In internal/database/repocollaboration.go, line 129: go func r Repository ChangeCollaborationAccessModeuserI...
EUVD-2026-35072
Unexpected Status Code or Return Value vulnerability in ninenines gun gunhttp module allows a malicious HTTP server to force the client into raw protocol mode via an unsolicited 101 Switching Protocols response. In gunhttp:handleinform/8, when a 101 Switching Protocols response is received over...
CVE-2026-43974 gun HTTP/1.1 client accepts unsolicited 101 Switching Protocols response allowing server-driven protocol hijack and OOM
Unexpected Status Code or Return Value vulnerability in ninenines gun gunhttp module allows a malicious HTTP server to force the client into raw protocol mode via an unsolicited 101 Switching Protocols response. In gunhttp:handleinform/8, when a 101 Switching Protocols response is received over...
PT-2026-47300
Name of the Vulnerable Software and Affected Versions gun versions 2.0.0 through 2.3.x Description An issue in the gun http module allows a malicious HTTP server to force a client into raw protocol mode by sending an unsolicited 101 Switching Protocols response. In the handle inform/8 function, t...
CVE-2026-26993
Flare is a Next.js-based, self-hostable file sharing platform that integrates with screenshot tools. Versions 1.7.0 and below allow users to upload files without proper content validation or sanitization. By embedding malicious JavaScript within an SVG or other active content formats such as HTML...
CVE-2026-26993
Flare is a Next.js-based, self-hostable file sharing platform that integrates with screenshot tools. Versions 1.7.0 and below allow users to upload files without proper content validation or sanitization. By embedding malicious JavaScript within an SVG or other active content formats such as HTML...
CVE-2026-26993
CVE-2026-26993 affects the Flare file sharing platform (Next.js-based) up to version 1.7.0. An attacker can embed malicious JavaScript in an SVG (or HTML/XML) and trigger script execution in the app’s origin when a file is viewed in “raw” mode, enabling stored XSS and potential user data exfiltra...
PT-2026-20993
Flare is a Next.js-based, self-hostable file sharing platform that integrates with screenshot tools. Versions 1.7.0 and below allow users to upload files without proper content validation or sanitization. By embedding malicious JavaScript within an SVG or other active content formats such as HTML...
EUVD-2023-24038
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-4207
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 prior 17.0.6, starting from 17.1 prior to 17.1.4, and starti...
Linux Distros Unpatched Vulnerability : CVE-2020-25864
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value KV raw mode was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14...
Directus 日志信息泄露漏洞
Directus is a real-time Api and application dashboard open-sourced by Directus. It is used to manage Sql database content. Directus suffers from a log information disclosure vulnerability that stems from access tokens being output unprocessed to logs when LOGSTYLE is set to raw...
UBUNTU-CVE-2024-4207
A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 prior 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2. When viewing an XML file in a repository in raw mode, it can be made to render as HTML if viewed under...
CVE-2024-4201 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 before 16.10.7, all versions starting from 16.11 before 16.111.4, all versions starting from 17.0 before 17.0.2. When viewing an XML file in a repository in raw mode, it can be made to render as HT...
PT-2024-29687 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 5.1 through 16.10.7 GitLab versions 16.11 through 16.11.4 GitLab versions 17.0 through 17.0.2 Description: A cross-site scripting issue has been discovered in GitLab. When viewing an XML file in a repository in raw mode, it ca...
PT-2024-5591 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 5.1 through 17.0.6 GitLab versions 17.1 through 17.1.4 GitLab versions 17.2 through 17.2.2 Description: A cross-site scripting issue exists due to inadequate protection of the web page structure. This can be exploited by a...
Cross Site Scripting (XSS)
gitlab is vulnerable to Cross-site Scripting XSS. The vulnerability occurs when viewing a XML file in the repository in 'raw' mode which could be rendered as HTML in certain conditions, which allows an authenticated attacker to inject and execute malicious javascript on victim's browser...
GitLab 跨站脚本漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab, which stems from a special method...
HashiCorp Consul Cross-site Scripting vulnerability
HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value KV raw mode was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14...
CVE-2020-25864
HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value KV raw mode was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14...