2 matches found
CVE-2025-11360 jakowenko double-take API app.js app.use cross site scripting
A vulnerability was detected in jakowenko double-take up to 1.13.1. The impacted element is the function app.use of the file api/src/app.js of the component API. The manipulation of the argument X-Ingress-Path results in cross site scripting. The attack can be executed remotely. Upgrading to...
Double Take 代码注入漏洞
Double Take is a unified UI and API from David Jakowenko's personal developer with functionality to process and train images for facial recognition. A code injection vulnerability exists in Double Take 1.13.1 and earlier versions, which stems from improper manipulation of the X-Ingress-Path...