3 matches found
PT-2023-12411 · Unknown · Yomguithereal Baobab
Name of the Vulnerable Software and Affected Versions: Yomguithereal Baobab versions up to 2.6.0 Description: A critical issue affects an unknown functionality, leading to improperly controlled modification of object prototype attributes, also known as 'prototype pollution'. This can be exploited...
PT-2021-20072 · Apache · Apache Apisix Dashboard
Name of the Vulnerable Software and Affected Versions: Apache APISIX Dashboard version 2.6 Description: The issue arises from a combination of factors, including a change in the default listen host to 0.0.0.0 to facilitate external network access, the use of a risky function for IP acquisition in...
CVE-2021-21337
Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an open redirect vulnerability. A maliciously crafted link to the login form and login functionality could redirect the browser to a differe...