4 matches found
CVE-2017-7552
CVE-2017-7552 affects the Red Hat Mobile Application Platform (RHMAP) file editor (millicore). The flaw, in affected versions before 3.19.0 and 4.x before 4.5.0, allows files to be executed as well as created, enabling an attacker to compromise other users’ or teams’ projects stored in source con...
CVE-2017-7553
The CVE-2017-7553 entry concerns the external_request API call in Red Hat App Studio (millicore) that enables server-side request forgery (SSRF). The vulnerability allows an attacker to probe internal network resources and access restricted endpoints via the external_request interface. Connected ...
CVE-2017-7554
CVE-2017-7554 affects Red Hat Mobile Application Platform (RHMAP) App Studio 4.4, where the App Studio component executes JavaScript provided by a user, enabling stored XSS against an application administrator. The cited Red Hat advisories and related feeds confirm this vulnerability type and imp...
CVE-2020-1723
Keycloak Gatekeeper (Louketo) suffers a redirect abuse in its logout endpoint. Affected versions are 6.0.1 and 7.0.0, where /oauth/logout?redirect=url can redirect logged-in users to arbitrary pages, enabling phishing risks. The issue is documented across CVE-2020-1723 entries (NVD) and corrobora...