3 matches found
Insertion Of Sensitive Information Into Sent Data
Axios is vulnerable to Insertion of Sensitive Information Into Sent Data. The vulnerability is due to improper use of truthy/falsy evaluation for the withXSRFToken configuration instead of strict boolean checks, which allows an attacker to force XSRF tokens to be sent to malicious cross-origin...
Incorrect Authorization
org.apache.streampipes:streampipes-parent is vulnerable to Incorrect Authorization. The vulnerability is due to a flaw in the user ID creation and JWT handling mechanism, which allows a non-administrator attacker to manipulate tokens and swap usernames with an administrator, thereby gaining full...
Perplexity AI Web Application 安全漏洞
Perplexity AI Web Application is a big data search engine application utilizing a big language model from Perplexity, Inc. in the United States. A security vulnerability exists in Perplexity AI Web Application GPT-4 version 2.51.0, which stems from mishandling of the token component and could lea...