15 matches found
CVE-2024-1525
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. Under some specialized conditions, an LDAP user may be able to reset their password using their...
CVE-2024-1525
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. Under some specialized conditions, an LDAP user may be able to reset their password using their...
UBUNTU-CVE-2024-1525
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. Under some specialized conditions, an LDAP user may be able to reset their password using their...
Default credentials
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. Under some specialized conditions, an LDAP user may be able to reset their password using their...
Zoho ManageEngine ServiceDesk Cross-Site Scripting (CVE-2021-46065)
A cross-site scripting vulnerability exists in Zoho ManageEngine ServiceDesk. The vulnerability is due to improper sanitization of secondary email field parameter...
CVE-2022-2326
An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible to gain access to a private project through an email invite by using other user's email address as an...
GitLab CE/EE 安全漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab CE/EE that originates from an email...
CVE-2021-46065
A Cross-site scripting XSS vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code...
CVE-2021-46065
A Cross-site scripting XSS vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code...
CVE-2021-46065
A Cross-site scripting XSS vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code...
Cross site scripting
A Cross-site scripting XSS vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code...
CVE-2021-46065
A Cross-site scripting XSS vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code...
ZOHO ManageEngine ServiceDesk Plus 跨站脚本漏洞
ZOHO ManageEngine ServiceDesk Plus SDP is the United States ZhuoHao ZOHO company's set of ITIL-based architecture of IT service management software. The software integrates Incident Management, Problem Management, Asset Management IT Project Management, Procurement and Contract Management and oth...
Weblate: CSRF - Changing the full name / adding a secondary email identity of an account via a GET request
SUMMARY ---------- Hello, I have found a CSRF request via the activation email that will change the full name of the targeted account. This vulnerability exists if the attacker registers a new account and then gives his activation link to someone else. If the victim uses the received activation...
LinkedIn Clickjacking / Open Redirection
Linkedin's Clickjacking & Open Url Redirection Vulnerabilities Vulnerability Title: Secondary Email Addition & Deletion Via Click Jacking in Linkedin Website Link: Tried on Indian version Found on: 06/08/2012 Author: Ajay Singh Negi Version: All language versions would be vulnerable Tested on:...