13 matches found
EUVD-2020-12560
Malware in sbrugna...
CVE-2025-11289
CVE-2025-11289 affects westboy CicadasCMS, specifically the Save function in TemplateFileServiceImpl.java (Template Management Page). The vulnerability enables cross-site scripting and can be triggered remotely. Public disclosures exist for the exploit. Connected documents indicate remediation by...
EUVD-2024-2170
Malicious code in bioql PyPI...
MAL-2025-27563 Malicious code in nit-template-service-core-lib (npm)
The package nit-template-service-core-lib was found to contain malicious code...
Malicious code in nit-template-service-core-lib (npm)
The package nit-template-service-core-lib was found to contain malicious code...
CVE-2020-28246
A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0.0. This leads to Remote Code Execution during deletion of the default Email template URL. NOTE: the email templating service was removed after 2020. Additionally, the vendor disputes this issue indicating this is sandboxed and on...
Design/Logic Flaw
Pentaho Business Analytics Server versions before 9.2.0.2 and 8.3.0.25 using the Pentaho Analyzer plugin expose a service endpoint for templates which allows a user-supplied path to access resources that are out of bounds. The software uses external input to construct a pathname that is intended...
Hitachi Pentaho Business Analytics Path Traversal Vulnerability
Hitachi Pentaho Business Analytics is a business analytics platform from Hitachi, Japan, Inc. for securely accessing, integrating, manipulating, visualizing and analyzing big data assets. A security vulnerability exists in Hitachi Pentaho Business Analytics version 9.2.0.2 prior to version 9.2 an...
CVE-2020-1705
A vulnerability was found in openshift/template-service-broker-operator in all 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the openshift/template-service-broker-operator. An attacker with access to the container could use this...
CVE-2020-1705
A vulnerability was found in openshift/template-service-broker-operator in all 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the openshift/template-service-broker-operator. An attacker with access to the container could use this...
CVE-2020-1705
The CVE-2020-1705 issue affects openshift/template-service-broker-operator prior to version 4.3.0. The root cause is an insecure modification vulnerability in /etc/passwd, allowing an attacker with container access to modify /etc/passwd and escalate privileges (local, with low privileges required...
PT-2020-14904 · Red Hat · Openshift/Template-Service-Broker-Operator
Name of the Vulnerable Software and Affected Versions: openshift/template-service-broker-operator versions prior to 4.3.0 Description: A flaw was discovered in the openshift/template-service-broker-operator, where an insecure modification vulnerability in the /etc/passwd file allows an attacker...
CVE-2020-1705
An insecure modification vulnerability in the /etc/passwd file was found in the openshift/template-service-broker-operator. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges...