3 matches found
Authorization Bypass Through User-Controlled Key
Overview studiocms is an A Community-Driven Astro native CMS. Built from the ground up by the Astro community. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the DELETE /studiocmsapi/dashboard/api-tokens endpoint. An attacker can revoke AP...
Improper Verification of Cryptographic Signature
Overview sm-crypto is a sm-crypto Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the SM2 signature verification process. An attacker can bypass signature validation by forging signatures for arbitrary public keys. Remediation Upgrade...
Origin Validation Error
Overview mcp-neo4j-cypher is an A simple Neo4j MCP server Affected versions of this package are vulnerable to Origin Validation Error via the lack of proper origin validation in the server's request handling. An attacker can execute unauthorized tool invocations against locally running instances ...