apko 路径遍历漏洞

Apko is an open-source OCI image builder based on APK. In versions 0.14.8 to 1.2.5 of Apko, there was a path traversal vulnerability. This vulnerability occurred because specially crafted APK packages could install entries that pointed to directories other than the build root directory. This...

WebP Express <= 0.14.4 - Authenticated Stored XSS

Edit - WPScanTeam: The reported issue has been fixed in 0.14.5. Other sanitisation checks have been implemented in newest versions such as 0.14.6 and 0.14.8 while the plugin was closed, so the fixed in is set to 0.14.8 PoC Video POC :...