XXL-Job v2.3.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via /xxl-job-admin/jobinfo.Read More ...
Continue Reading
June 03, 2022
PublicCMS V4.0.202204.a and below contains an information leak via the component /views/directive/sys/SysConfigDataDirective.java.Read More ...
Continue Reading
June 03, 2022
### Impact Play Framework, when run in dev mode, shows verbose errors for easy debugging, including an exception stack trace. Play does this by configuring its `DefaultHttpErrorHandler` to do so based ...
Continue Reading
June 03, 2022
### Impact Play Framework, when run in dev mode, shows verbose errors for easy debugging, including an exception stack trace. Play does this by configuring its `DefaultHttpErrorHandler` to do so based ...
Continue Reading
June 03, 2022
A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0.0. This leads to Remote Code Execution during deletion of the default Email template URL.Read More ...
Continue Reading
June 03, 2022
A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0.0. This leads to Remote Code Execution during deletion of the default Email template URL.Read More ...
Continue Reading
June 03, 2022
### Impact The gatsby-plugin-mdx plugin prior to versions 3.15.2 and 2.14.1 passes input through to the `gray-matter` npm package, which is vulnerable to JavaScript injection in its default configurat ...
Continue Reading
June 03, 2022
### Impact The gatsby-plugin-mdx plugin prior to versions 3.15.2 and 2.14.1 passes input through to the `gray-matter` npm package, which is vulnerable to JavaScript injection in its default configurat ...
Continue Reading
June 03, 2022
Back to Main
