Graylog vulnerable to instantiation of arbitrary classes triggered by API request

Summary: Arbitrary classes can be loaded and instantiated using an HTTP PUT request to the /api/system/cluster_config/ endpoint. Details: Graylog's cluster config system uses fully qualified class n ...

Graylog session fixation vulnerability through cookie injection

Impact: Reauthenticating with an existing session cookie would re-use that session id, even if for different user credentials. In this case, the pre-existing session could be used to gain elevated acce ...

Malicious code in nhatcoder-fb-api (npm)

Source: ghsa-malware (514bcd1028981b3a51b43d0f59deab5d625f73a52db290bee59c40e598bf0c86) Any computer that has this package installed or running sh ...

CVE-2024-0965

The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.21 via the REST API. This makes it possible for unauth ...

CKEditor4 Cross-site Scripting vulnerability caused by incorrect CDATA detection

Affected packages: The vulnerability has been discovered in the core HTML parsing module and may affect all editor instances that: * Enabled full-page editing mode, * or enabled CDATA elements in Advan ...

