3 matches found
PT-2024-6608
Name of the Vulnerable Software and Affected Versions: WebOb versions prior to 1.8.8 Description: The issue is related to the handling of HTTP Location headers in WebOb, where the urlparse and urljoin functions can be exploited to redirect users to arbitrary URLs. This occurs when the urlparse...
PT-2023-10269 · Unknown · Landing Pages Plugin
Name of the Vulnerable Software and Affected Versions: Landing Pages Plugin versions up to 1.8.7 Description: A problematic issue has been found in the Landing Pages Plugin, affecting some unknown functionality. This issue leads to cross-site scripting and can be exploited remotely...
Arbitrary File Write via Archive Extraction (Zip Slip)
Overview bower offers a generic, unopinionated solution to the problem of front-end package management. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip. Attackers can write arbitrary files when a malicious archive is extracted. Details It i...