-
Mesh Version 1.1.2
- Server Side Template Injection (Blind)
Critical Risk
Affected:
HTTP Method: POST
Parameter: action
HTTP Method: POST
Parameter: remembertoken
HTTP Method: POST
Para…
-
Vulnerable Library - jquery.dataTables-1.10.7.min.js
DataTables enhances HTML tables with the ability to sort, filter and page the data in the table very easily. It provides a comprehensive API and …
-
Our website is being displayed as unsecure after deployment, it likely means that our website is not using a secure HTTPS connection or there are other security-related issues. Here are some steps you…
-
### Description
Hi team,
I am trying to use Admin API filter to select routes, upstreams, ... with their labels
For example, I have a route defined like this
```json
{
"createdIndex": 38,
…
```
-
### Symfony version(s) affected
current
### Description
dump() is perfect for debugging. The dump window is apparently generated via a JS ` Sfdump = window.Sfdump ... `.
The use of CSP to p…
oioix updated
5 months ago
-
Go here and add this code to your page:
http://pasteit.com/102
It will add a filter to every textbox on your page so the user can't type chars to inject scripts and won't get that dangerous request e…
-
MetacatUI currently relies on [RequireJS](https://requirejs.org/) for asset loading. We aim to improve performance by integrating a modern bundler such as Webpack or Parcel. The goal is to improve Met…
-
## Description
Jupyterlab has a notion of "trust" to avoid executing any code just by opening a notebook for mere visualization.
When a notebook is not trusted, precautions are taken not to run …
-
k8s servicename.namespace can not be resolved in lua scripts
Hi team
We are using openresty to connect redis with k8s service name, but redis address can not be resolved inside lua script
ngi…
-
## New Feature
When configuring (e.g., topics, vulnerability, general settings, etc.) archived repositories, safe-settings receives HTTP 422 errors. Since the intention of archived repositories is…