The Safari app extension bundled with 1Password for Mac 7.7.0 through 7.8.x before 7.8.7 is vulnerable to authorization bypass. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password. ![]() GNU Mailman before 2.1.35 may allow remote Privilege Escalation. After obtaining a user’s permission, remote attackers can access other users’ and administrator’s account information except password by crafting URL parameters. The learning history page of the Easytest is vulnerable by permission bypass. ![]() ![]() The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |