Komari vulnerable to 2FA Authentication Bypass

Summary: Logic error in 2FA verification condition allows bypass of two-factor authentication. Details: https://github.com/komari-monitor/komari/blob/bd5a6934e1b79a12cf1e6a9bba5372d0e04f3abc/api/login.go ...

Komari vulnerable to Cross-site WebSocket Hijacking

Summary: WebSocket upgrader has disabled origin checking, enabling Cross-Site WebSocket Hijacking (CSWSH) attacks against authenticated users. Details: https://github.com/komari-monitor/komari/blob/bd5a6 ...

Mattermost Confluence Plugin has Missing Authorization vulnerability

Mattermost Confluence Plugin versions < 1.5.0 fail to check user access to the channel, allowing attackers to get channel subscription details without proper access to the channel via API call ...

Mattermost Confluence Plugin is Missing Authentication for Critical Function

Mattermost Confluence Plugin versions < 1.5.0 fail to enforce user authentication of the Mattermost instance, allowing unauthenticated attackers to edit channel subscriptions via API call to th ...

PyLoad vulnerable to SQL Injection via API /json/add_package in add_links parameter

Summary: The parameter add_links in the API /json/add_package is vulnerable to SQL Injection. SQL injection vulnerabilities can lead to sensitive data leakage. Details: Affected file: https://github.c ...

MainWP: Reflected XSS in “Create Category” Functionality of Post Creation Module

A reflected Cross-Site Scripting (XSS) vulnerability was identified in the "Create Category" feature of the post creation functionality. When a user entered a malicious JavaScript pa ...

Weblate: exposure of personal IP address via email.

The exposure of personal IP addresses through email messages has been identified as a potential security issue. Email messages can pass through multiple servers, which may store or record the content, ...

curl: Failure to strip Proxy-Authorization header on change in origin

Vulnerability description not...
