2 matches found
Incorrect Ownership Assignment
Overview Affected versions of this package are vulnerable to Incorrect Ownership Assignment through improper validation of the defaultGroup ID after group access revocation. An attacker can gain unauthorized access to group collections and perform full CRUD operations by omitting the X-Tenant...
PT-2023-22987
Name of the Vulnerable Software and Affected Versions Starlette versions prior to 0.25.0 Description The issue arises from the MultipartParser usage in Encode's Starlette python framework, allowing an unauthenticated and remote attacker to specify any number of form fields or files, which can cau...