2 matches found
GHSA-FPW4-P57J-HQMQ Paperclip: Stored XSS via javascript: URLs in MarkdownBody — urlTransform override disables react-markdown sanitization
Summary: MarkdownBody, the shared component used to render every Markdown surface in the Paperclip UI (issue documents, issue comments, chat threads, approvals, agent details, export previews, etc.), passes `urlTransform={(url) => url}` to react-markdown. That override replaces react-markdown's built-in...
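Citrix NetScaler and Access Gateway Multiple Remote Denial-of-Service Vulnerabilities
BUGTRAQ ID: 36948 Citrix NetScaler is a network traffic management product, and Citrix Access Gateway is a general-purpose SSL VPN appliance. Remote attackers can exploit security vulnerabilities in the URL Transform, Application Firewall, and AGEE Clientless VPN features used in products such as Citrix NetScaler and Access Gateway to cause a denial of service. Citrix Access Gateway Enterprise Edition 9.1 Citrix Access Gateway Enterprise Edition 9.0 Citrix NetScaler 9.1 Citrix NetScaler...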