Collabora Online is a collaborative online office suite. A stored cross-site scripting (XSS) vulnerability was found in Collabora Online prior to versions 22.05.13, 21.11.9.1, and 6.4.27. An attacker ...
Continue Reading
May 23, 2025
Collabora Online is a collaborative online office suite. A stored cross-site scripting (XSS) vulnerability was found in Collabora Online prior to versions 22.05.13, 21.11.9.1, and 6.4.27. An attacker ...
Continue Reading
May 23, 2025
Collabora Online is a collaborative online office suite. A stored cross-site scripting (XSS) vulnerability was found in Collabora Online prior to versions 22.05.13, 21.11.9.1, and 6.4.27. An attacker ...
Continue Reading
May 23, 2025
Pomerium is an identity and context-aware access proxy. Prior to version 0.26.1, the Pomerium user info page (at /.pomerium) unintentionally included serialized OAuth2 access and ID tokens from the lo ...
Continue Reading
May 23, 2025
An issue discovered in Egerie Risk Manager v4.0.5 allows attackers to bypass the signature mechanism and tamper with the values inside the JWT payload resulting in privilege...Read More ...
Continue Reading
May 23, 2025
Open source machine learning framework. A vulnerability has been identified in Rasa that enables an attacker who has the ability to load a maliciously crafted model remotely into a Rasa instance to ac ...
Continue Reading
May 23, 2025
cjwt is a C JSON Web Token (JWT) Implementation. Algorithm confusion occurs when a system improperly verifies the type of signature used, allowing attackers to exploit the lack of distinction between ...
Continue Reading
May 23, 2025
Directus is a real-time API and App dashboard for managing SQL database content. When reaching the /files page, a JWT is passed via GET request. Inclusion of session tokens in URLs poses a security ri ...
Continue Reading
May 23, 2025
Back to Main
