1702 matches found
Unescaped message used in HTML within LogEventsList
More info at https://phabricator.wikimedia.org/T256171...
TYPO3-CORE-SA-2020-006: Same-Site Request Forgery to Backend User Interface
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-006...
CVE-2020-5255: Prevent cache poisoning via a Response Content-Type header
More info at https://symfony.com/cve-2020-5255...
CVE-2019-18888: Prevent argument injection in a MimeTypeGuesser
More info at https://symfony.com/cve-2019-18888...
Direct POST to Special:ChangeEmail will bypass reauth check
More info at https://phabricator.wikimedia.org/T197279...
Need to make a limit of count of attempts to change email address
More info at https://phabricator.wikimedia.org/T209794...
Fixed being bypassable of CVE-2019-6257 SSRF.
Changes form previous version All previous changes is here. - js:core Fixed 2863 cssAutoLoad Array option is not working - js:core Fixed 2862 stop autoSync when browser tab turn to background - cmd:search Fixed 2867 support incremental search other than filename - VD:abstract Fixed 2873 correct...
$wgRateLimits (rate limit / ping limiter) entry for 'user' overrides that for 'newbie'
More info at https://phabricator.wikimedia.org/T169545...
Incorrect signature validation
More info at https://simplesamlphp.org/security/201803-01...
Settings Tray access bypass.
More info at https://www.drupal.org/SA-CORE-2018-001...
The switchIdentity() function in yii\web\User did not regenerate the CSRF token upon a change of identity
More info at https://www.yiiframework.com/news/165/yii-2-0-14-is-released/...
Views does not properly restrict access to the Ajax endpoint.
More info at https://www.drupal.org/SA-CORE-2017-004...
Files uploaded by anonymous users into a private file system can be accessed by other anonymous users
More info at https://www.drupal.org/SA-CORE-2017-003...
Environment Variable Injection
More info at https://typo3.org/security/advisory/typo3-core-sa-2016-019...
Saving user accounts can sometimes grant the user all roles
More info at https://www.drupal.org/SA-CORE-2016-002...
Saving user accounts can sometimes grant the user all roles
More info at https://www.drupal.org/SA-CORE-2016-001...
CVE-2015-8125: Potential Remote Timing Attack Vulnerability in Security Remember-Me Service
More info at https://symfony.com/cve-2015-8125...
Security Misconfiguration Vulnerability in various Doctrine projects
More info at https://www.doctrine-project.org/2015/08/31/securitymisconfigurationvulnerabilityinvariousdoctrineprojects.html...
Potential CRLF injection attacks in mail and HTTP headers
More info at https://framework.zend.com/security/advisory/ZF2015-04...
XSS vulnerability in login redirect param
Security advisory: XSS vulnerability in login redirect param ZfcUser version 1.2.2 has been released and includes a security for this vulnerability. Fix has been applied in @baf0e460 Affected versions All versions below 1.2.2 are affected. dev-master is fixed starting from @2cc167a Exploits Becau...
Denial of Service in OpenID System Extension
More info at https://typo3.org/security/advisory/typo3-core-sa-2014-002...
Ability to enable/disable object support in YAML parsing and dumping
More info at https://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released...
XSS vulnerability exploitable on Internet Explorer
More info at http://htmlpurifier.org/news/2010/0531-4.1.1-released...
PHP Code Injection
phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
There was a problem hiding this comment. Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Hide comment I'm afraid this change is wrong. fileexists is not the only...
PHP Code Injection
phpWhois PHP Code Injection Vulnerability Overview phpWhois and some of its forks in versions before 5.1.0 are prone to a code injection vulnerability due to insufficient sanitization of returned WHOIS data. This allows attackers controlling the WHOIS information of a requested domain to execute...
SQL injection vulnerabililty in the file manager search filter
More info at https://contao.org/en/news/security-vulnerability-cve-2019-11512.html...
CVE-2024-51996: Authentication Bypass via persisted RememberMe cookie
More info at https://symfony.com/cve-2024-51996...
Timing attack vector for remember me token
The current rememberme token verification process leaves the application open to a timing attack. Since the default is for the token to be stored as a cookie and for cookies to be encrypted, an attacker would have to know the application secret to exploit this. However, should a custom guard be...
TOTP throttle not enforced cross-wiki
More info at https://phabricator.wikimedia.org/T251661...
Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2020-005
More info at https://www.drupal.org/sa-core-2020-005...
CVE-2019-10911: Add a separator in the remember me cookie hash
More info at https://symfony.com/cve-2019-10911...
CVE-2024-50343: Incorrect response from Validator when input ends with ` `
More info at https://symfony.com/cve-2024-50343...
PHP Code Injection
phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...
CVE-2026-46644: symfony/polyfill-intl-idn accepts xn-- labels whose Punycode payload decodes to ASCII-only: insecure equivalence
More info at https://symfony.com/cve-2026-46644...
Arbitrary PHP code execution via `_self.(<string>)` macro-reference compilation
More info at https://symfony.com/cve-2026-46640...
TYPO3-EXT-SA-2026-009: Broken Access Control in extension "Frontend User Registration" (sf_register)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2026-009...
Cross-site scripting (XSS) via script break-out in toScript() output
What's Changed Escape HTML tags in toScript output to prevent script break-out by @freekmurze in https://github.com/spatie/schema-org/pull/242 Values containing passed as schema properties could break out of the generated block and execute injected HTML when the value was attacker-controlled...
CVE-2024-29885 - Reports are still accessible even when canView is set to false
More info at https://www.silverstripe.org/download/security-releases/cve-2024-29885...
CVE-2022-37429 - Stored XSS using HTMLEditor
More info at https://www.silverstripe.org/download/security-releases/cve-2022-37429...
$this->validate() returns all properties, not just validated ones
IMPORTANT BUGFIX $this-validate usually only returns the validated dataset, however a regression was introduced, that caused it to return ALL data on the Livewire component. 1659...
Insecure default secret key and IV allowing anyone to decrypt values
This issue has been deleted...
PRODSECBUG-2423: Cross-Site Scripting via inventory source
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
CVE-2019-14272: XSS in file titles managed through the CMS
More info at https://www.silverstripe.org/download/security-releases/cve-2019-14272/...
CVE-2019-12437: Cross Site Request Forgery (CSRF) Protection Bypass in GraphQL
More info at https://www.silverstripe.org/download/security-releases/cve-2019-12437...
CVE-2019-12246: Denial of Service on flush and development URL tools
More info at https://www.silverstripe.org/download/security-releases/cve-2019-12246...
Cross-Site Scripting in Fluid Engine
More info at https://typo3.org/security/advisory/typo3-core-sa-2019-013...
CVE-2019-1000011: Access control bypass in GraphQL mutations
Q A Bug fix? yes New feature? no BC breaks? no Deprecations? no Tests pass? yes Fixed tickets 2364 License MIT Doc PR This prevents passing IRIs belonging to different resource classes, which would bypass access control in some instances see 2364...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data...