Duende IdentityServer 安全漏洞

Duende IdentityServer is a Duende open source, standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core. A security vulnerability exists in Duende IdentityServer that stems from certain functions that incorrectly treat maliciously constructed URLs as local and trusted. An...

Nextcloud Talk Code Injection Vulnerability

Nextcloud Talk is a self-hosted local audio/video and chat communication service from Nextcloud Germany. A code injection vulnerability exists in Nextcloud Talk versions 6.0.4, 7.0.2, and 8.0.7, which stems from the program failing to properly clean up Talk commands. An attacker could exploit the...