Kategori: NIST-Güvenlik Açıkları

CVE-2022-1721

Path Traversal in WellKnownServlet in GitHub repository jgraph/drawio prior to 18.0.5. Read local files of the web application. Zafiyet ile ilgili Genel Bilgi, Etki ve…

Devamını oku

CVE-2022-1722

SSRF in editor’s proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. SSRF to internal link-local IPv6 addresses Zafiyet ile ilgili Genel…

Devamını oku

CVE-2022-1726

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure…

Devamını oku

CVE-2022-1728

Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by doing a…

Devamını oku

CVE-2022-1217

The Custom TinyMCE Shortcode Button WordPress plugin through 1.1 does not sanitise and escape the PHP_SELF variable before outputting it back in an attribute in…

Devamını oku

CVE-2022-1265

The BulletProof Security WordPress plugin before 6.1 does not sanitize and escape some of its CAPTCHA settings, which could allow high-privileged users to perform Cross-Site…

Devamını oku