PublicCMS V4.0.202204.a and below contains an information leak via the component /views/directive/sys/SysConfigDataDirective.java.Read More ...
Continue Reading
June 03, 2022
### Impact Play Framework, when run in dev mode, shows verbose errors for easy debugging, including an exception stack trace. Play does this by configuring its `DefaultHttpErrorHandler` to do so based ...
Continue Reading
June 03, 2022
### Impact Play Framework, when run in dev mode, shows verbose errors for easy debugging, including an exception stack trace. Play does this by configuring its `DefaultHttpErrorHandler` to do so based ...
Continue Reading
June 03, 2022
A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0.0. This leads to Remote Code Execution during deletion of the default Email template URL.Read More ...
Continue Reading
June 03, 2022
A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0.0. This leads to Remote Code Execution during deletion of the default Email template URL.Read More ...
Continue Reading
June 03, 2022
### Impact The gatsby-plugin-mdx plugin prior to versions 3.15.2 and 2.14.1 passes input through to the `gray-matter` npm package, which is vulnerable to JavaScript injection in its default configurat ...
Continue Reading
June 03, 2022
### Impact The gatsby-plugin-mdx plugin prior to versions 3.15.2 and 2.14.1 passes input through to the `gray-matter` npm package, which is vulnerable to JavaScript injection in its default configurat ...
Continue Reading
June 03, 2022
Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...
Continue Reading
June 03, 2022
Back to Main
