18 matches found
mm-wiki is vulnerable to Cross-Site Scripting (XSS)
mm-wiki v0.2.1 is vulnerable to Cross-Site Scripting (XSS)...
CVE-2021-40289
mm-wiki v0.2.1 is vulnerable to Cross-Site Scripting (XSS)...
Lin CMS vulnerable to Improper Authentication
An authentication bypass in Lin-CMS v0.2.1 allows attackers to escalate privileges to Super Administrator...
GHSA-4VRC-Q7M6-VQ7W Lin CMS vulnerable to Improper Authentication
An authentication bypass in Lin-CMS v0.2.1 allows attackers to escalate privileges to Super Administrator...
CVE-2021-40289
CVE-2021-40289 affects mm-wki/mm-wiki v0.2.1 with a Cross-Site Scripting (XSS) flaw. The issue arises from insufficient input sanitization on the create-new-space page, enabling script execution via user-provided data. CVSSv3.1 metrics show a Network attack vector, Low attack complexity, No privi...
CVE-2022-44244
An authentication bypass in Lin-CMS v0.2.1 allows attackers to escalate privileges to Super Administrator...
Authentication flaw
An authentication bypass in Lin-CMS v0.2.1 allows attackers to escalate privileges to Super Administrator...
CVE-2022-44244
An authentication bypass in Lin-CMS v0.2.1 allows attackers to escalate privileges to Super Administrator...
CVE-2021-39394
mm-wiki v0.2.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add user accounts and modify user information...
Cross site scripting
mm-wiki v0.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the markdown editor...
Cross-site request forgery (CSRF)
mm-wiki v0.2.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add user accounts and modify user information...
CVE-2021-39394
mm-wiki v0.2.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add user accounts and modify user information...
CVE-2021-39393
CVE-2021-39393 affects mm-wiki v0.2.1, with a cross-site scripting (XSS) vulnerability via the markdown editor. The issue stems from insufficient input sanitization, enabling injection of malicious scripts. Impact and remediation details are limited across the provided sources; CVSS indicates a l...
CVE-2021-39393
mm-wiki v0.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the markdown editor...
CVE-2022-32430
An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the application...
OpenZeppelin Contracts for Cairo account cannot process transactions on Goerli
Impact: This vulnerability affects all accounts (vanilla and ethereum flavors) in the v0.2.0 release of OpenZeppelin Contracts for Cairo, which are not whitelisted on StarkNet mainnet, so only goerli deployments of v0.2.0 accounts are affected. This faulty behavior is not observed in StarkNet's...
GHSA-9CWV-CPPX-MQJM Improper Authentication in Capsule Proxy
Impact: Using a malicious Connection header, an attacker with a proper authentication mechanism could start a privilege escalation towards the Kubernetes API Server, being able to exploit the cluster-admin Role bound to capsule-proxy. Patches: Patch has been merged in the v0.2.1 release. Workaround...
SUSE SLES15 Security Update : helm-mirror (SUSE-SU-2019:0048-1)
This update for helm-mirror to version 0.2.1 fixes the following issues. Security issues fixed: CVE-2018-16873: Fixed a remote command execution (bsc1118897); CVE-2018-16874: Fixed a directory traversal in 'go get' via curly braces in import path (bsc1118898); CVE-2018-16875: Fixed a CPU denial of...