emlog 安全漏洞

emlog is a PHP and MySQL based CMS website builder by emlog's individual developers. A security vulnerability exists in emlog version 2.3.18 and prior versions. An attacker can exploit the vulnerability to write malicious JavaScript code in published posts...

PT-2024-34383 · Emlog Pro · Emlog Pro

Name of the Vulnerable Software and Affected Versions: emlog pro versions 2.3.18 and earlier Description: The issue allows attackers to write malicious JavaScript code in published articles, potentially leading to Cross Site Scripting XSS attacks. Recommendations: For emlog pro versions 2.3.18 an...

CVE-2022-29233 Improper access control for breakout rooms in BigBlue Button

BigBlueButton is an open source web conferencing system. In BigBlueButton starting with 2.2 but before 2.3.18 and 2.4-rc-1, an attacker can circumvent access controls to gain access to all breakout rooms of the meeting they are in. The permission checks rely on knowledge of internal ids rather th...