There is an SSRF vulnerability in the Fluid Topics platform that affects versions prior to 4.3, where the server can be forced to make arbitrary requests to internal and external resources by an authe
An authentication bypass vulnerability exists in the OAuth2 TokenIntrospectionService in Apache CXF. Due to a missing 'throw' keyword in the security context check, the introspection endpoint (/servic
Authorization Bypass Through User-Controlled Key, Missing Authorization vulnerability in Ariva Computer Accord ORS allows Retrieve Embedded Sensitive Data.
This issue affects Accord ORS: before 7.3.2
Missing Authorization vulnerability in blokhauswp Minterpress minterpress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Minterpress: from n/a through <= 1.0.5.
Missing Authorization vulnerability in miniOrange YourMembership Single Sign On allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YourMembership Single Sign On
Missing Authorization vulnerability in uxper Sala allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Sala: from n/a through 1.1.3.
Improper Input validation leads to XSS or Cross-site Scripting vulnerability in OpenText Advanced Authentication. This issue affects Advanced Authentication versions before 6.5.
A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an unauthenticated attacker to send crafted requests to internal services by exploiting insuf
A CRLF injection vulnerability exists in the OAuth2 AuthorizationUtils class. When constructing the WWW-Authenticate response header, the 'realm' parameter is concatenated without sanitizing Carriage
Missing Authorization vulnerability in Israpil Textmetrics webtexttool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Textmetrics: from n/a through <= 3.6.4
Missing Authorization vulnerability in contentstudio Contentstudio contentstudio allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Contentstudio: from n/a through <= 1
An incorrect regular expression vulnerability was identified in GitHub Enterprise Server that allowed an attacker to bypass OAuth redirect URI validation. An attacker with knowledge of a first-party O
An error related to the 2-factor authorization (2FA) on the RISC Platform prior to the saas-2021-12-29 release can potentially be exploited to bypass the 2FA. The vulnerability requires that the 2FA s
Missing Authorization vulnerability in WebsiteinWP Blogpoet allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blogpoet: from n/a through 1.0.3.
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA - TFA for Drupal: from 0
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA - TFA for Drupal: from 0
Missing Authorization vulnerability in nK DocsPress docspress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DocsPress: from n/a through <= 2.5.2.
Missing Authorization vulnerability in FeedFocal FeedFocal feedfocal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FeedFocal: from n/a through <= 1.2.2.
Missing Authorization vulnerability in raychat Raychat raychat allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Raychat: from n/a through <= 2.1.0.
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in OpenText Advanced Authentication allows Information Elicitation. The vulnerability could reveal sensitive in