Bonita Web 2021.2 is affected by a authentication/authorization bypass vulnerability due to an overly broad exclude pattern used in the RestAPIAuthorizationFilter. By appending ;i18ntranslation or /.. ...
Continue Reading
June 02, 2022
A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0.0. This leads to Remote Code Execution during deletion of the default Email template URL.Read More ...
Continue Reading
June 02, 2022
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue Reading
June 02, 2022
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue Reading
June 02, 2022
There is no question that the level of threats facing todays businesses continues to change on a daily basis. So what are the trends that CISOs need to be on the lookout for? For this episode of the ...
Continue Reading
June 02, 2022
When files are uploaded into dotCMS via the content API, but before they become content, dotCMS writes the file down in a temporary directory. In the case of this vulnerability, dotCMS does not saniti ...
Continue Reading
June 02, 2022
DHIS2 is an information system for data capture, management, validation, analytics and visualization. A SQL injection security vulnerability affects the `/api/programs/orgUnits?programs=` API endpoint ...
Continue Reading
June 02, 2022
Back to Main
