3 matches found
CVE-2026-34454 OAuth2 Proxy: Session cookie not cleared when rendering sign-in page
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. A regression introduced in 7.11.0 prevents OAuth2 Proxy from clearing the session cookie when rendering the sign-in page. In deployments that rely on the sign-in page as part of their logout flow, a user may be...
WordPress Modern Events Calendar plugin <= 7.11.0 - Authenticated Arbitrary File Upload vulnerability
Authenticated Arbitrary File Upload vulnerability discovered by Foxyyy in WordPress Plugin Modern Events Calendar versions = 7.11.0...
Elastic Stack 7.11.0 Security Update
Elasticsearch field disclosure flaw ESA-2021-05 A document disclosure flaw was found in Elasticsearch when Document or Field Level Security is used. Get requests do not properly apply security permissions when executing a query against a recently updated document. This affects documents that have...