LibreY is subject to a Server-Side Request Forgery (SSRF) vulnerability in the `image_proxy.php` file of LibreY before commit 8f9b9803f231e2954e5b49987a532d28fe50a627. LibreY is a fork of LibreX, a framework-less and javascript-free privacy respecting meta search engine.

The vulnerability is limited to the ROOT (default) web application. URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92.

This vulnerability affects Firefox generate(.)` function. This could have led to a site spoofing another if it had been maliciously set as the default search engine. Search queries in the default search engine could appear to have been the currently navigated URL if the search query itself was a well formed URL.

Incorrect security UI in BFCache in Google Chrome prior to 1.179 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

All versions prior to 7.14.3.69 are affected.

An incorrect permission check in Qualys Container Scanning Connector Plugin 1.6.2.6 and earlier allows attackers with global Item/Configure permission (while lacking Item/Configure permission on any particular job) to enumerate credentials IDs of credentials stored in Jenkins and to connect to an attacker-specified URL using attacker-specified credentials IDs, capturing credentials stored in Jenkins.

An attacker must first successfully obtain valid agent credentials and target agent hostname. An improper check for an exceptional condition in the Insider Threat Management (ITM) Server could be used by an attacker to change the configuration of any already-registered agent so that all future agent communications are sent to an attacker-chosen URL.