5 matches found
Astro Cloudflare adapter has Stored Cross-site Scripting vulnerability in /_image endpoint
Summary: A Cross-Site Scripting (XSS) vulnerability exists in Astro when using the @astrojs/cloudflare adapter with output: 'server'. The built-in image optimization endpoint /_image uses isRemoteAllowed from Astro’s internal helpers, which unconditionally allows data: URLs. When the endpoint receive...
PT-2023-3386 · Unknown · Tn-5900 Series
Name of the Vulnerable Software and Affected Versions: TN-5900 Series versions 3.3 and prior. Description: The issue allows a remote attacker to determine whether a user is valid during password recovery through the web login page, potentially enabling a brute force attack with valid users. This i...
CVE-2011-4302
Moodle vulnerability CVE-2011-4302 affects MNET in Moodle: 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2. The issue is improper processing of the return value from openssl_verify in mnet/xmlrpc/client.php, allowing remote attackers to bypass certificate validation with a crafted...
Oracle Database 10.1.0.5 10.2.0.4 - AUTH_SESSKEY Length Validation Remote Buffer Overflow
Oracle Database 10.1.0.5 10.2.0.4 - AUTH_SESSKEY Length Validation Remote Buffer Overflow include include include include include include void ssend SOCKET s, char msg, DWORD size int sent; printf "ssend: begin: %d bytes\n", size; sent=send s, charmsg, size, 0; if sent==SOCKETERROR printf "send -...
Change a user's password remotely
I would like to be able to change a user's password remotely. Suggested API and implementation as follows: void changePasswordUser admin, String username, String password throws RemoteException, RemoteValidationException, RemotePermissionException; public void changePasswordUser admi...