3 matches found
PT-2024-30468 · Unknown · Fonts Plugin Fonts
Name of the Vulnerable Software and Affected Versions: Fonts Plugin Fonts versions n/a through 3.7.7 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability in the Fonts Plugin Fonts, which allows Stored XSS. This means an attacker can trick a user into performing unintended...
DEBIAN-CVE-2024-23833
OpenRefine is a free, open source power tool for working with messy data and improving it. A jdbc attack vulnerability exists in OpenRefineversion=3.7.7 where an attacker may construct a JDBC query which may read files on the host filesystem. Due to the newer MySQL driver library in the latest...
PT-2024-20112 · Unknown +3 · Openrefine +3
Name of the Vulnerable Software and Affected Versions: OpenRefine versions = 3.7.7 Description: A jdbc attack vulnerability exists in OpenRefine where an attacker may construct a JDBC query to read files on the host filesystem. This issue allows attackers to read sensitive files on the target...