2 matches found
PT-2025-5478 · Webtoffee · Webtoffee Wishlist For Woocommerce
Name of the Vulnerable Software and Affected Versions: WebToffee Wishlist for WooCommerce versions prior to 2.1.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an...
PT-2021-22197 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions 2.0.0 through 2.1.2 Description: The issue concerns the variable import endpoint not being protected by authentication. This allows unauthenticated users to access the endpoint, potentially leading to denial of service...