52 matches found

CVE · added 2026/05/22 5:21 p.m. · 20 views

CVE-2026-39964

TypeBot (viewer at packages/embeds/js) before version 3.16.0 renders rich-text bubble links without filtering javascript: URIs. A bot author can set a link to javascript:PAYLOAD, which executes in the visitor’s browser context when clicked, allowing the attacker’s code to run with the host page’s...

CVSS 5.4 · AI score 5.8 · EPSS 0.00262 · Exploits 0 · References 3
EUVD · added 2025/10/07 12:30 a.m. · 5 views

EUVD-2018-16901

Malware in sbrugna...

CVSS 7.5 · AI score 8.4 · EPSS 0.02582 · Exploits 0 · References 8
CNNVD · added 2025/05/07 12:00 a.m. · 2 views

insa-auth input validation error vulnerability

insa-auth is an authentication service tool from genda open source. An input validation error vulnerability exists in insa-auth, which originates from a third-party website that has access to a server-assisted authentication bridge and may disclose basic information...

CVSS 5.3 · AI score 6.7 · EPSS 0.00429 · Exploits 0 · References 4
Github Security Blog · added 2024/07/31 7:57 p.m. · 29 views

IdentityServer Open Redirect vulnerability

Impact: It is possible for an attacker to craft malicious URLs that certain functions in IdentityServer will incorrectly treat as local and trusted. If such a URL is returned as a redirect, some browsers will follow it to a third-party, untrusted site. Affected Methods: In the...

CVSS 4.7 · AI score 7 · EPSS 0.00504 · Exploits 0 · References 4 · Affected Software 1
OSV · added 2024/07/31 3:44 p.m. · 24 views

CVE-2024-39694 Duende IdentityServer Open Redirect vulnerability

Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ASP.NET Core. It is possible for an attacker to craft malicious URLs that certain functions in IdentityServer will incorrectly treat as local and trusted. If such a URL is returned as a redirect, some browsers will follow it t...

CVSS 4.7 · AI score 6.2 · EPSS 0.00504 · Exploits 0 · References 8
Cvelist · added 2024/07/31 3:44 p.m. · 53 views

CVE-2024-39694 Duende IdentityServer Open Redirect vulnerability

Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ASP.NET Core. It is possible for an attacker to craft malicious URLs that certain functions in IdentityServer will incorrectly treat as local and trusted. If such a URL is returned as a redirect, some browsers will follow it t...

CVSS 4.7 · EPSS 0.00504 · Exploits 0 · References 6
NVD · added 2024/06/18 11:15 a.m. · 14 views

CVE-2024-38505

In JetBrains YouTrack before 2024.2.34646, a user access token was sent to the third-party site...

CVSS 7.5 · EPSS 0.00443 · Exploits 0 · References 1
Vulnrichment · added 2024/06/18 10:42 a.m. · 16 views

CVE-2024-38505

In JetBrains YouTrack before 2024.2.34646, a user access token was sent to the third-party site...

CVSS 5.3 · AI score 7 · EPSS 0.00443 · Exploits 0 · References 1
OSV · added 2024/03/22 2:15 p.m. · 4 views

CVE-2024-2449

A cross-site request forgery vulnerability has been identified in LoadMaster. It is possible for a malicious actor, who has prior knowledge of the IP or hostname of a specific LoadMaster, to direct an authenticated LoadMaster administrator to a third-party site. In such a scenario, the CSRF...

CVSS 7.5 · AI score 5.6 · EPSS 0.55422 · Exploits 0 · References 2
Positive Technologies · added 2024/03/22 12:00 a.m. · 3 views

PT-2024-3306 · Kemp Technologies · Loadmaster

Name of the Vulnerable Software and Affected Versions: LoadMaster (affected versions not specified). Description: A cross-site request forgery vulnerability has been identified in LoadMaster. It is possible for a malicious actor, who has prior knowledge of the IP or hostname of a specific LoadMaster...

CVSS 8.8 · AI score 8.7 · EPSS 0.55422 · Exploits 0 · References 8
Hacker One · added 2024/02/26 5:59 a.m. · 41 views

Internet Bug Bounty: Proxy-Authorization header is not cleared in cross-domain redirect in undici

Proxy-Authorization header not cleared on cross-origin redirect in Undici. Impacted versions = v6.0.0 = v6.6.0. Patched in v5.28.3 and v6.6.1. No known workarounds...

CVSS 4.5 · AI score 5.5 · EPSS 0.00765 · Exploits 0
CNNVD · added 2023/04/26 12:00 a.m. · 3 views

silverstripe framework input validation error vulnerability

silverstripe framework is a CMS website framework. An input validation error vulnerability exists in silverstripe framework version 4.12.5 and prior. An attacker can exploit this vulnerability by tricking a victim into clicking on a specially crafted link that displays a link to a third-party...

CVSS 6.1 · AI score 6.3 · EPSS 0.00419 · Exploits 0 · References 3
Prion · added 2023/01/30 11:15 p.m. · 13 views

Design/Logic Flaw

A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause all remote domains to access the resource data supplied by the server when an attacker sends a fetch request from a third-party or malicious site. Affected Products: EcoStruxure Power Commission Versions pri...

CVSS 5 · AI score 7.4 · EPSS 0.00265 · Exploits 0 · References 1 · Affected Software 1
Cvelist · added 2023/01/30 12:00 a.m. · 23 views

CVE-2022-22732

A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause all remote domains to access the resource data supplied by the server when an attacker sends a fetch request from a third-party or malicious site. Affected Products: EcoStruxure Power Commission Versions pri...

CVSS 3.9 · AI score 7.6 · EPSS 0.00265 · Exploits 0 · References 1
Veracode · added 2022/01/17 9:09 a.m. · 42 views

Information Disclosure

node-fetch is vulnerable to information disclosure. The vulnerability exists because the Cookie header is leaked to a third-party site, which allows an attacker to gain access to sensitive information...

CVSS 6.1 · AI score 1.9 · EPSS 0.01646 · Exploits 1 · References 5 · Affected Software 8
Huntr · added 2022/01/12 6:23 a.m. · 21 views

Exposure of Sensitive Information to an Unauthorized Actor in feross/simple-get

BUG: Cookie header leaked to a third-party site, and it allows hijacking the victim's account. SUMMARY: When fetching a remote URL with a Cookie, if it gets a Location response header then it will follow that URL and try to fetch that URL with the provided cookie. So the cookie is leaked here to...

CVSS 5 · AI score 8.1 · EPSS 0.02024 · Exploits 1
Huntr · added 2022/01/06 12:21 p.m. · 28 views

in lquixada/cross-fetch

BUG: Cookie header leaked to a third-party site, and it allows hijacking the victim's account. SUMMARY: When fetching a remote URL with a Cookie, if it gets a Location response header then it will follow that URL and try to fetch that URL with the provided cookie. So the cookie is leaked here to...

CVSS 4 · EPSS 0.0112 · Exploits 1
Huntr · added 2022/01/05 9:30 a.m. · 15 views

Exposure of Sensitive Information to an Unauthorized Actor in axios/axios

BUG: Cookie header leaked to a third-party site, and it allows hijacking the victim's account. SUMMARY: When fetching a remote URL with a Cookie, if it gets a Location response header then it will follow that URL and try to fetch that URL with the provided cookie. So the cookie is leaked here to...

AI score 9.5 · Exploits 0
Huntr · added 2021/10/14 10:38 a.m. · 10 views

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in mineweb/minewebcms

Description: Hello, in the password reset it is possible to perform a Host Header Injection, so the victim will receive an email pointing to a third-party site. By clicking, the attacker will be able to retrieve the victim's account reset token and use it to access their account. From PortSwigger:...

AI score 0.3 · Exploits 0 · References 1
NVD · added 2021/08/10 11:15 p.m. · 10 views

CVE-2021-29400

A cross-site request forgery (CSRF) vulnerability in the My SMTP Contact v1.1.1 plugin for GetSimple CMS allows remote attackers to change the SMTP settings of the contact forms for the webpages of the CMS after an authenticated admin visits a malicious third-party site...

CVSS 6.5 · EPSS 0.00557 · Exploits 1 · References 1