A Cross-Site Request Forgery (CSRF) vulnerability exists in lunary-ai/lunary version 1.2.34 due to overly permissive CORS settings. This vulnerability allows an attacker to sign up for and create proj
A broken access control vulnerability exists in lunary-ai/lunary versions 1.2.7 through 1.4.2. The vulnerability allows an authenticated attacker to modify any user's templates by sending a crafted HT
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability exists due to the inclusion of single-use tokens in the responses of `GET /v1/users/me` and `GET /v1/use
lunary-ai/lunary versions prior to 1.9.24 are vulnerable to stored cross-site scripting (XSS). An unauthenticated attacker can inject malicious JavaScript into the `v1/runs/ingest` endpoint by adding
Cross-Site Request Forgery (CSRF) vulnerability in apollo13themes Rife Free rife-free allows Cross Site Request Forgery.This issue affects Rife Free: from n/a through <= 2.4.18.
A critical stored Cross-Site Scripting (XSS) vulnerability exists in the Analytics component of lunary-ai/lunary versions up to 1.9.23, where the NEXT_PUBLIC_CUSTOM_SCRIPT environment variable is dire
Cross-Site Request Forgery (CSRF) vulnerability in HCL Technologies Ltd. Unica 12.0.0.
Cross-Site Request Forgery (CSRF) vulnerability in Drupal AI (Artificial Intelligence) allows Cross Site Request Forgery.This issue affects AI (Artificial Intelligence): from 1.0.0 before 1.0.2.
A stored cross-site scripting (XSS) vulnerability exists in lunary-ai/lunary versions 1.6.7 and earlier. An attacker can inject malicious JavaScript into the SAML IdP XML metadata, which is used to ge
An improper authorization vulnerability exists in lunary-ai/lunary version 1.5.5. The /users/me/org endpoint lacks adequate access control mechanisms, allowing unauthorized users to access sensitive i
Cross-Site Request Forgery (CSRF) vulnerability in VolThemes Patricia Lite.This issue affects Patricia Lite: from n/a through 1.2.3.
Teedy <= 1.12 is vulnerable to Cross Site Request Forgery (CSRF), due to the lack of CSRF protection.
A Cross-Site Request Forgery (CSRF) vulnerability exists in the backend API of netease-youdao/qanything, as of commit d9ab8bc. The backend server has overly permissive CORS headers, allowing all cross
A Cross-Site Request Forgery (CSRF) vulnerability exists in the latest commit (56b782bcefd2e59b19cd7ba7878b95f54884f502) of the vanna-ai/vanna repository. Two endpoints in the built-in web app that pr
A vulnerability in lunary-ai/lunary, as of commit be54057, allows users to upload and execute arbitrary regular expressions on the server side. This can lead to a Denial of Service (DoS) condition, as
Cross-Site Request Forgery (CSRF) vulnerability in fs-code Booknetic booknetic.This issue affects Booknetic: from n/a through <= 4.0.9.
Cross-Site Request Forgery (CSRF) vulnerability in themeton Seven Stars allows Cross Site Request Forgery. This issue affects Seven Stars: from n/a through 1.4.4.
Cross-Site Request Forgery (CSRF) vulnerability in Marsian allows Cross Site Request Forgery.This issue affects i-transform: from n/a through 3.0.9.
Cross-Site Request Forgery (CSRF) vulnerability in cookiebot Cookiebot cookiebot allows Cross Site Request Forgery.This issue affects Cookiebot: from n/a through <= 4.5.8.
Cross-Site Request Forgery (CSRF) vulnerability in ktsvetkov wp-cyr-cho wp-cyr-cho allows Cross Site Request Forgery.This issue affects wp-cyr-cho: from n/a through <= 0.1.
Page 1+ Next →