(Pwn2Own) QNAP TS-464 reset_password.cgi Improper Certificate Validation Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of QNAP TS-464 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the resetpassword.cgi endpoint. The issue results from the lack of...

GHSA-QQ5H-RJJ9-Q9QG RuoYi vulnerable to Denial of Service by attackers with admin privileges

An issue in the reset password interface of ruoyi v4.8.0 allows attackers with Admin privileges to cause a Denial of Service DoS by duplicating the login name of the account...

RuoYi vulnerable to Denial of Service by attackers with admin privileges

An issue in the reset password interface of ruoyi v4.8.0 allows attackers with Admin privileges to cause a Denial of Service DoS by duplicating the login name of the account...