2 matches found
CVE-2023-27577 Path Traversal Vulnerability in `LESS` Parser allows reading of sensitive server files in flarum
flarum is a forum software package for building communities. In versions prior to 1.7.0 an admin account which has already been compromised by an attacker may use a vulnerability in the LESS parser which can be exploited to read sensitive files on the server through the use of path traversal...
Countdown Timer Cross-Site Scripting Vulnerability
Countdown Timer is a countdown timer widget for Confluence. A security vulnerability exists in Countdown Timer version 1.7.0, which can be exploited by an attacker to remotely launch a cross-site scripting attack...