Multiple cross-site scripting (XSS) vulnerabilities in the Plugin for OAuth 2.0 module's OAuth2ProviderApplicationRedirect class in Liferay Portal 7.4.3.41 through 7.4.3.52, and Liferay DXP 7.4 u ...
May 23, 2025
PrinterShare Android application allows the capture of Gmail authentication tokens that can be reused to access a user's Gmail account without proper ...
May 23, 2025
Vulnerability Details: Affected Vendor: Mobile Dynamix; Affected Product: PrinterShare Mobile Print; Affected Version: up to 12.15.01; Platform: Android; CWE Classification: CWE-200 Exposure of Sensiti ...
May 23, 2025
In the Ninja Forms Contact Form WordPress plugin before 3.4.34.1, low-level users, such as subscribers, were able to trigger the wp_ajax_nf_oauth action and retrieve the connection URL needed to est ...
May 23, 2025
Flask-AppBuilder is an application development framework built on top of Flask. In affected versions, if using Flask-AppBuilder OAuth, an attacker can share a carefully crafted URL with a trusted doma ...
May 23, 2025
HedgeDoc (formerly known as CodiMD) is an open-source collaborative markdown editor. An attacker is able to receive arbitrary files from the file system when exporting a note to PDF. Since the code in ...
May 23, 2025
ScratchOAuth2 is an OAuth implementation for Scratch. Any ScratchOAuth2-related data normally accessible and modifiable by a user can be read and modified by a third party. 1. Scratch user visits 3rd ...
May 23, 2025