2 matches found
CVE-2026-49353
Summary (CVE-2026-49353): 9Router before 0.4.46 has a local‑only access gate in src/dashboardGuard.js that relies on Host and Origin headers to classify requests as local. In proxied/tunneled deployments (reverse proxy, Cloudflare Tunnel, Tailscale), these headers are attacker‑controlled, enablin...
PT-2020-20607 · Isomorphic · Smartclient
Name of the Vulnerable Software and Affected Versions: SmartClient version 12.0 Description: An issue was discovered in the Remote Procedure Call RPC loadFile provided by the console functionality. The issue affects the /tools/developerConsoleOperations.jsp or /isomorphic/IDACall URL, where...