JVN#86026700: Multiple vulnerabilities in GroupSession

GroupSession provided by Japan Total System Co.,Ltd. contains multiple vulnerabilities listed below. Cross-site scripting vulnerability CWE-79 - CVE-2021-20785 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2|...

Sever Side Request Forgery (SSRF) Via Unauthorised Access To Docker API

github.com/portainer/portainer is vulnerable to unauthorized access to docker API. The access is granted as the application does not validate the endpoint access requests, allowing unauthorized users to access internal Docker API, consequently allowing an attacker to leverage sever side request...