25 matches found

CNNVD
added 2026/05/12 12:00 a.m. • 5 views

Entra ID SSO via Microsoft Identity Broker on Linux Access Control Error Vulnerability

Entra ID SSO via Microsoft Identity Broker on Linux is a browser extension developed by Siemens that enables single-sign-on on Linux devices through the Microsoft Identity Broker. Versions prior to 1.8.1 of Entra ID SSO via Microsoft Identity Broker on Linux contained an access control...

CVSS 5.3 • AI score 5.8 • EPSS 0.00035
Exploits 0 • References 2
OSV
added 2026/04/21 5:15 p.m. • 0 views

GHSA-JJ38-H5W5-MVPF October CMS: Reflected XSS via DataTable Form Widget

A reflected Cross-Site Scripting (XSS) vulnerability was identified in the backend DataTable widget where a query parameter was rendered without proper output escaping. Impact - Reflected XSS only, no stored/persistent component - The backend URL prefix is customizable and must be known or guessed ...

CVSS 3.1 • AI score 5.7 • EPSS 0.00036
Exploits 0 • References 3
Cvelist
added 2026/04/02 4:44 p.m. • 12 views

CVE-2026-34785 Rack: Local file inclusion in `Rack::Static` via URL Prefix Matching

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static determines whether a request should be served as a static file using a simple string prefix check. When configured with URL prefixes such as "/css", it matches any request path that begins with...

CVSS 7.5 • EPSS 0.00047
Exploits 0 • References 1
CVE
added 2026/04/02 4:44 p.m. • 7 views

CVE-2026-34785

CVE-2026-34785 affects Rack (modular Ruby web server interface). Vulnerable component: Rack::Static. Issue: a simplistic string-prefix check for URL prefixes (e.g., "/css") causes matches on paths starting with that string, potentially serving files under the static root whose names merely share ...

CVSS 7.5 • AI score 5.7 • EPSS 0.00047
Exploits 0 • References 1 • Affected software 1
ATTACKERKB
added 2026/03/31 4:56 p.m. • 3 views

CVE-2026-34361

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, the FHIR Validator HTTP service exposes an unauthenticated "/loadIG" endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith...

CVSS 9.3 • AI score 5.8 • EPSS 0.00067
Exploits 1 • References 2 • Affected software 1
OSV
added 2026/03/31 4:56 p.m. • 1 view

CVE-2026-34361 HAPI FHIR: Unauthenticated SSRF via /loadIG Chains with startsWith() Credential Leak for Authentication Token Theft

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, the FHIR Validator HTTP service exposes an unauthenticated "/loadIG" endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith...

CVSS 9.3 • AI score 5.8 • EPSS 0.00067
Exploits 1 • References 3
CVE
added 2026/03/31 4:56 p.m. • 6 views

CVE-2026-34359

CVE-2026-34359 has concrete details in the connected GHSA advisory: HAPI FHIR Core is vulnerable to credential leakage via improper URL prefix matching on HTTP redirects. The root cause is a startsWith-based check in ManagedWebAccessUtils.getServer() (no host boundary validation), which can cause...

CVSS 9.1 • AI score 5.8 • EPSS 0.00026
Exploits 1 • References 1 • Affected software 1
OSV
added 2026/03/31 4:56 p.m. • 2 views

CVE-2026-34359 HAPI FHIR: Authentication Credential Leakage via Improper URL Prefix Matching on HTTP Redirect in HAPI FHIR Core

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, ManagedWebAccessUtils.getServer uses String.startsWith to match request URLs against configured server URLs for authentication credential dispatch. Because configured...

CVSS 7.4 • AI score 5.8 • EPSS 0.00026
Exploits 1 • References 3
Vulnrichment
added 2026/03/31 4:56 p.m. • 1 view

CVE-2026-34359 HAPI FHIR: Authentication Credential Leakage via Improper URL Prefix Matching on HTTP Redirect in HAPI FHIR Core

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, ManagedWebAccessUtils.getServer uses String.startsWith to match request URLs against configured server URLs for authentication credential dispatch. Because configured...

CVSS 7.4 • AI score 5.8 • EPSS 0.00026
Exploits 1 • References 1
GitLab Advisory Database
added 2026/03/30 12:00 a.m. • 5 views

HAPI FHIR Core has Authentication Credential Leakage via Improper URL Prefix Matching on HTTP Redirect

ManagedWebAccessUtils.getServer uses String.startsWith to match request URLs against configured server URLs for authentication credential dispatch. Because configured server URLs (e.g., http://tx.fhir.org) lack a trailing slash or host boundary check, an attacker-controlled domain like...

CVSS 9.1 • AI score 5.9 • EPSS 0.00026
Exploits 1 • References 4
OSV
added 2025/04/17 5:15 p.m. • 1 view

CVE-2025-29180

In FOXCMS =1.25, the installdb.php file has a time-based blind SQL injection vulnerability. The urlprefix, domain, and mywebsite POST parameters are directly concatenated into SQL statements without filtering...

CVSS 7.2 • AI score 5.8 • EPSS 0.00248
Exploits 0 • References 1
SUSE CVE
added 2023/02/15 4:13 a.m. • 2 views

SUSE CVE-2019-10255

An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a baseurl prefix are not affecte...

CVSS 6.1 • AI score 6.3 • EPSS 0.00462
Exploits 0 • References 4
Positive Technologies
added 2023/01/18 12:00 a.m. • 2 views

PT-2023-18737 • IBM • IBM Robotic Process Automation

Name of the Vulnerable Software and Affected Versions: IBM Robotic Process Automation versions 20.12.0 through 21.0.2 Description: The issue allows an attacker to obtain sensitive information using man-in-the-middle techniques because some RPA commands default to HTTP when the prefix is not...

CVSS 5.9 • AI score 5.5 • EPSS 0.00114
Exploits 0 • References 4
ThreatPost
added 2021/02/19 9:06 p.m. • 206 views

Malformed URL Prefix Phishing Attacks Spike 6,000%

Researchers from GreatHorn report they have observed a nearly 6,000-percent jump in attacks using “malformed URL prefixes” to evade protections and deliver phishing emails that look legit. They look legit, that is, unless you look closely at the symbols used in the prefix before the URL. “The URL...

AI score 7
Exploits 0 • References 7
OSV
added 2020/12/21 6:15 p.m. • 3 views

DEBIAN-CVE-2020-26275

The Jupyter Server provides the backend, i.e. the core services, APIs, and REST endpoints, for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. In Jupyter Server before version 1.1.1, an open redirect vulnerability could cause the jupyter server to redirect the browser to a...

CVSS 6.1 • AI score 6.2 • EPSS 0.00344
Exploits 1 • References 1
OSV
added 2020/12/21 6:15 p.m. • 2 views

PYSEC-2020-346

The Jupyter Server provides the backend, i.e. the core services, APIs, and REST endpoints, for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. In Jupyter Server before version 1.1.1, an open redirect vulnerability could cause the jupyter server to redirect the browser to a...

CVSS 6.1 • AI score 6.4 • EPSS 0.00344
Exploits 1 • References 4
Debian CVE
added 2020/12/21 6:00 p.m. • 17 views

CVE-2020-26275

The Jupyter Server provides the backend, i.e. the core services, APIs, and REST endpoints, for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. In Jupyter Server before version 1.1.1, an open redirect vulnerability could cause the jupyter server to redirect the browser to a...

CVSS 6.1 • AI score 6 • EPSS 0.00344
Exploits 1
Positive Technologies
added 2020/12/21 12:00 a.m. • 1 view

PT-2020-16397 • Jupyter • Jupyter Server

Name of the Vulnerable Software and Affected Versions: Jupyter Server versions prior to 1.1.1 Description: The issue is an open redirect vulnerability that could cause the Jupyter server to redirect the browser to a different malicious website. All Jupyter servers running without a base url prefi...

CVSS 6.1 • AI score 6.1 • EPSS 0.00344
Exploits 1 • References 15
CNNVD
added 2020/12/21 12:00 a.m. • 4 views

Jupyter Server Input Validation Error Vulnerability

Jupyter Server is a Jupyter community application used to provide back-end services for Jupyter web applications. A security vulnerability existed prior to Jupyter Server version 1.1.1 that stemmed from an open redirection flaw that could cause the Jupyter server to redirect a browser to another...

CVSS 6.1 • AI score 6.4 • EPSS 0.00344
Exploits 1 • References 5
OSV
added 2020/03/05 10:08 p.m. • 34 views

GHSA-7W4P-72J7-V7C2 Phar object injection in PHPMailer

PHPMailer versions prior to 6.0.6 and 5.2.27 are vulnerable to an object injection attack by passing phar:// paths into addAttachment and other functions that may receive unfiltered local paths, possibly leading to RCE. See this article for more info on this type of vulnerability. Mitigated by...

CVSS 8.8 • AI score 9 • EPSS 0.01475
Exploits 0 • References 11