77 matches found
CVE-2021-28373
The authinternal plugin in Tiny Tiny RSS aka tt-rss before 2021-03-12 allows an attacker to log in via the OTP code without a valid password. NOTE: this issue only affected the git master branch for a short time. However, all end users are explicitly directed to use the git master branch in...
CVE-2021-28373
The authinternal plugin in Tiny Tiny RSS aka tt-rss before 2021-03-12 allows an attacker to log in via the OTP code without a valid password. NOTE: this issue only affected the git master branch for a short time. However, all end users are explicitly directed to use the git master branch in...
Tiny Tiny RSS 安全漏洞
Tiny Tiny RSStt-rss,tt-rss is an open source based browser-based news feed reader and aggregator. Tiny Tiny RSS before 2021-03-12 A security vulnerability exists that allows an attacker to log in via OTP code without a valid password...
Tiny Tiny RSS - Remote Code Execution Exploit
Exploit Title: Tiny Tiny RSS - Remote Code Execution Exploit Author: Daniel Neagaru & Benjamin Nadarević Blog post: https://www.digeex.de/blog/tinytinyrss/ Software Link: https://git.tt-rss.org/fox/tt-rss Version: all before 2020-09-16 Commit with the fixes:...
Tiny Tiny RSS - Remote Code Execution
Exploit Title: Tiny Tiny RSS - Remote Code Execution Date: 21/09/2020 Exploit Author: Daniel Neagaru & Benjamin Nadarević Blog post: https://www.digeex.de/blog/tinytinyrss/ Software Link: https://git.tt-rss.org/fox/tt-rss Version: all before 2020-09-16 Commit with the fixes:...
DEBIAN-CVE-2020-25789
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. The cachedurl feature mishandles JavaScript inside an SVG document...
CVE-2020-25789
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. The cachedurl feature mishandles JavaScript inside an SVG document...
CVE-2020-25789
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. The cachedurl feature mishandles JavaScript inside an SVG document...
CVE-2020-25787
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. It does not validate all URLs before requesting them...
CVE-2020-25788
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. imgproxy in plugins/afproxyhttp/init.php mishandles $REQUEST"url" in an error message...
CVE-2020-25788
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. imgproxy in plugins/afproxyhttp/init.php mishandles $REQUEST"url" in an error message...
DEBIAN-CVE-2020-25787
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. It does not validate all URLs before requesting them...
CVE-2020-25787
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. It does not validate all URLs before requesting them...
DEBIAN-CVE-2020-25788
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. imgproxy in plugins/afproxyhttp/init.php mishandles $REQUEST"url" in an error message...
Code injection
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. imgproxy in plugins/afproxyhttp/init.php mishandles $REQUEST"url" in an error message...
UBUNTU-CVE-2020-25788
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. imgproxy in plugins/afproxyhttp/init.php mishandles $REQUEST"url" in an error message...
CVE-2020-25789
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. The cachedurl feature mishandles JavaScript inside an SVG document...
Design/Logic Flaw
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. The cachedurl feature mishandles JavaScript inside an SVG document...
Design/Logic Flaw
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. It does not validate all URLs before requesting them...
CVE-2020-25788
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. imgproxy in plugins/afproxyhttp/init.php mishandles $REQUEST"url" in an error message...