CVE-2022-39279 discourse-chat is a plugin for the Discourse message board which adds chat functionality
Chat is a very important part of a community. Some of the features chat provides include: Quick communication between users
Direct access to support staff
CVE-2022-32173 In v1.2.2 of Orchard Core, an authenticated user with an editor security role can inject a modal dialog component into the dashboard that will affect admin users.
This can be used to issue admin-level warnings or even perform actions as a logged in user. To exploit this issue, an attacker must trick
CVE-2022-42002 SonicJS through 0.6.0 has file overwrite mutations fileCreate and fileUpdate.
The fileCreate mutation can be called without any authentication. If a developer had access to this mutation, they could easily overwrite any file on an
CVE-2020-15338 The Zyxel CloudCNM SecuManager has a "Use of GET Request Method With Sensitive Query Strings" issue. This issue may be exploited by attackers to access sensitive information.
In these cases, the server may return a different response code than expected. This issue occurs when the GET request method is used with a
CVE-2022-40929 XXL-JOB 2.2.0 has a Command execution vulnerability in background tasks.
Microsoft Windows has a feature called background task. It can be used to do tasks at a scheduled time or when the system is idle.
Episode
00:00:00
00:00:00