2 matches found
CVE-2025-59088
If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in the DNS zone matching the requested realm name. This creates a server-side request forgery vulnerability, since an attacker could send a request f...
Blog 安全漏洞
Blog is a personal blogging system by the individual developers of Xuzijia in China. A security vulnerability exists in Blog 983bede and prior versions, which stems from an unconfigured SERVERNAME causing the password reset function to rely on the Host HTTP header, which could lead to an account...