Summary
File Browser: Improper Access Control Occurs via Pre-Created Public Share for a Non-existent Path
References
Related vulnerabilities
All Supply chain →- LOWGHSA-R95R-RJ6R-C39X
Pi Agent: Race condition in Pi auth.json writes could expose stored credentials
- HIGHGHSA-9WCP-79G5-5C3C
Appsmith Super User Creation Race Condition Allows Multiple Instance Administrators
- MEDIUMGHSA-HHPQ-7WG4-36JM
CakePHP Authentication: Open redirect weakness via backslash bypass
- CRITICALGHSA-8FQ9-273G-6MRG
Avo: Missing Authorization in Avo Association Attach Endpoint Allows Unauthorized Relationship Manipulation and Privilege Escalation
- MEDIUMGHSA-X2QC-CMH9-F4HF
Deno: Denial of service via non-ASCII bytes in WebSocket response headers
- CRITICALGHSA-2F55-G35J-5JMF
HAPI FHIR: XXE in XsltUtilities.saxonTransform via unhardened Saxon TransformerFactory