Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2026/03/13 8:5 p.m.6 views

OneUptime: Password Reset Token Logged at INFO Level

Summary The password reset flow logs the complete password reset URL — containing the plaintext reset token — at INFO log level, which is enabled by default in production. Anyone with access to application logs log aggregation, Docker logs, Kubernetes pod logs can intercept reset tokens and perfo...

6.9CVSS5.9AI score0.00235EPSS
Exploits1References4Affected Software1
CNVD
CNVD
added 2025/07/30 12:0 a.m.3 views

WordPress Dataverse Integration Missing Authorization Vulnerability

WordPress Dataverse Integration is a plugin mainly used to connect WordPress with Dataverse to achieve two-way data synchronization and business application integration. WordPress Dataverse Integration suffers from a lack of authorization vulnerability, which stems from a lack of authorization...

8.8CVSS7.1AI score0.00568EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/24 12:0 a.m.3 views

WordPress plugin Dataverse Integration 安全漏洞

WordPress Dataverse Integration is a plugin mainly used to connect WordPress with Dataverse to achieve two-way data synchronization and business application integration. WordPress Dataverse Integration suffers from a lack of authorization vulnerability, which stems from a lack of authorization...

8.8CVSS7AI score0.00568EPSS
Exploits0References5
CNVD
CNVD
added 2020/04/14 12:0 a.m.3 views

Logic flaw vulnerability in human capital management platform of P&L Software Co.

P&T Software is a large-scale enterprise management informatization solutions and IT integrated service provider, mainly for petroleum, chemical, construction, real estate, electric power, minerals, equipment manufacturing, banking, insurance, government and other industries, widely engaged in...

6.8AI score
Exploits0
Rows per page
Query Builder