2 matches found
Todoist 安全漏洞
Todoist is a task management and to-do list application from Todoist, Inc. A security vulnerability exists in Todoist version v8896, which stems from a lack of cleanup of uploaded SVG files in /api/v1/uploads, which could lead to a cross-site scripting attack...
Medium: tomcat
Issue Overview: Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred including exceeding limits during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage...