URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability in Apache Software Foundation Apache Helix UI component. This issue affects all Apache Helix releases from 0.8.0 up to and including 1.0.4. Solution: removed the forward component since …
[django-termsandconditions] Terms and Conditions Module vulnerable to Open Redirect
A vulnerability has been found in cyface Terms and Conditions Module up to 2.0.10 and classified as problematic. Affected by this vulnerability is the function returnTo of the file termsandconditions/views.py. The manipulation leads to open redirect. T…
[cn.hutool:hutool-core] HuTool vulnerable to Uncontrolled Resource Consumption
A vulnerability classified as problematic was found in Dromara HuTool up to 5.8.10. This vulnerability affects unknown code of the file cn.hutool.core.util.ZipUtil.java. The manipulation leads to resource consumption. The attack can be initiated remote…
[feehi/feehicms] FeehiCMS Cross Site Scripting vulnerability
Cross Site Scripting (XSS) vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via the user name field of the login page.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-36572
https://github.com/liufee/cms/issues/58
https…
[feehi/feehicms] FeehiCMS Unrestricted Upload vulnerability
File Upload vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via crafted image upload.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-36573
https://github.com/liufee/cms/issues/59
https://github.com/advisories/GHSA-67…
[feehi/feehicms] FeehiCMS Cross Site Scripting vulnerability
Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin log in page.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-40000
https://github.com/liufee/cms/issues/6…
[feehi/feehicms] FeehiCMS Cross Site Scripting vulnerability
Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.1.1 allows remote attackers to run arbitrary code via upload of crafted XML file.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-40373
https://github.com/liufee/cms/issues/67
https://github….
[feehi/feehicms] FeehiCMS Cross Site Scripting vulnerability
Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the title field of the create article page.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-40001
https://github.com/liufee/cms/issues/65…
[feehi/feehicms] FeehiCMS Cross Site Scripting vulnerability
Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the callback parameter to /cms/notify.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-40002
https://github.com/liufee/cms/issues/66
http…
[rfc6902] npm package rfc6902 vulnerable to Prototype Pollution
A vulnerability classified as problematic has been found in chbrown rfc6902. This affects an unknown part of the file pointer.ts. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’). The e…