3 matches found
Metrics::Any::Adapter::SignalFx 注入漏洞
Metrics::Any::Adapter::SignalFx is a Perl metric collection adapter module developed by PEVANS’ personal developers. Versions of Metrics::Any::Adapter::SignalFx prior to version 0.04 contained an injection vulnerability. This vulnerability occurred because the labels function did not check for li...
CVE-2025-24017
YesWiki is a wiki system written in PHP. Versions up to and including 4.4.5 are vulnerable to any end-user crafting a DOM based XSS on all of YesWiki's pages which is triggered when a user clicks on a malicious link. The vulnerability makes use of the search by tag feature. When a tag doesn't...
U.S. Dept Of Defense: Dashboard sharing enables code injection into ████ emails
Summary: An attacker is able to share their dashboard with other █████████ users. When sharing their dashboard, the message is not fully sanitized for HTML characters before sending to the recipient. This allows the attacker to craft a believable spearphishing e-mail coming from an e-mail address...