5 matches found
GHSA-2M4Q-2C6R-HMC3 Solon Vulnerable to Path Traversal
A vulnerability classified as problematic was found in opensolon up to 3.1.0. This vulnerability affects the function rendermav of the file /aa of the component org.noear.solon.core.handle.RenderManager. The manipulation of the argument template with the input ../org/example/HelloApp.class leads ...
Solon Vulnerable to Path Traversal
A vulnerability classified as problematic was found in opensolon up to 3.1.0. This vulnerability affects the function rendermav of the file /aa of the component org.noear.solon.core.handle.RenderManager. The manipulation of the argument template with the input ../org/example/HelloApp.class leads ...
CVE-2025-2961 opensolon org.noear.solon.core.handle.RenderManager aa render_mav path traversal
A vulnerability classified as problematic was found in opensolon up to 3.1.0. This vulnerability affects the function rendermav of the file /aa of the component org.noear.solon.core.handle.RenderManager. The manipulation of the argument template with the input ../org/example/HelloApp.class leads ...
XSS in the Widget Connector
I've been working with the widget connector today and reading through the code when I noticed that the media uris are not being handled securely. try this: widget:url=youtube.com/v="alert'xss' In general there is not a unified way to prevent issues like this in the widget extensions and it is up ...
XSS in the Widget Connector
I've been working with the widget connector today and reading through the code when I noticed that the media uris are not being handled securely. try this: widget:url=youtube.com/v="alert'xss' In general there is not a unified way to prevent issues like this in the widget extensions and it is up ...