3 matches found
EUVD-2023-43684
Malicious code in bioql PyPI...
Improper Validation of Array Index
Overview: Affected versions of this package are vulnerable to Improper Validation of Array Index through the fiber.Ctx.BodyParser method, which panics when trying to parse a negative range index. An attacker can cause the server to crash by sending a specially crafted payload with a negative index f...
BigBlueButton <= 3.0.0-beta.4 - Reflected XSS
Description: The plugin does not sanitise and escape the username and tempentrypass parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting, which could be used against high-privilege users such as admin...