8 matches found
Astra Linux - уязвимость в yard
Path traversal is possible before version 0.9.20...
SUSE CVE-2019-1020001
yard before 0.9.20 allows path traversal...
CVE-2022-39840
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message DM...
CVE-2022-39839
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post...
PT-2022-25031 · Unknown · Cotonti Siena
Name of the Vulnerable Software and Affected Versions: Cotonti Siena version 0.9.20 Description: The issue allows admins to conduct stored XSS attacks via a direct message DM. Recommendations: For Cotonti Siena version 0.9.20, update to a version that fixes this issue, as using direct messages fo...
Cotonti Siena 跨站脚本漏洞
Cotonti Siena is a powerful open source web development framework and content manager from Cotonti Open Source. A security vulnerability exists in Cotonti Siena version 0.9.20, which originates from allowing administrators to conduct stored XSS attacks via forum posts...
Cotonti Siena 跨站脚本漏洞
Cotonti Siena is a powerful open source web development framework and content manager from Cotonti Open Source. A security vulnerability exists in Cotonti Siena version 0.9.20, which stems from a stored XSS attack that allows administrators to conduct direct messages DM...
CVE-2019-1020001
yard before 0.9.20 allows path traversal...