4 matches found
CVE-2026-16075
CVE-2026-16075 affects AstrBotDevs AstrBot up to 4.25.5. The flaw is in the function OpenApiRoute.get_chat_sessions (file astrbot/dashboard/routes/open_api.py) of the session-listing Endpoint. By manipulating the Username argument, an authorization bypass is possible, and the issue can be exploit...
PT-2026-60919
A flaw has been found in AstrBotDevs AstrBot up to 4.25.5. This vulnerability affects the function OpenApiRoute.get chat sessions of the file astrbot/dashboard/routes/open api.py of the component session-listing Endpoint. This manipulation of the argument Username causes authorization bypass. It ...
Chamilo LMS 跨站脚本漏洞
Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Versions of Chamilo LMS prior to 1.11.34 contained a cross-site scripting vulnerability. This vulnerability...
ZITADEL Security Vulnerabilities
ZITADEL is a modern open source alternative to Auth0, Firebase Auth, AWS Cognito, and Keycloak built for the age of containers and serverless, open sourced by ZITADEL in Switzerland. ZITADEL suffers from a security vulnerability that stems from the fact that due to a lack of checks, user sessions...