Summary
TYPO3 CMS: Broken Access Control in Media Module
References
Related vulnerabilities
All Supply chain →- CRITICALGHSA-8FQ9-273G-6MRG
Avo: Missing Authorization in Avo Association Attach Endpoint Allows Unauthorized Relationship Manipulation and Privilege Escalation
- CRITICALGHSA-X223-P2GF-V735
Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak
- MEDIUMGHSA-FG94-H982-F3MM
Claude Code: Out-of-Band Data Exfiltration via Pre-Approved HuggingFace Domain in WebFetch
- MEDIUMGHSA-P5CP-R7RG-QPXC
Open WebUI: RAG ACL Bypass in Milvus Multitenancy Mode
- HIGHGHSA-RJXQ-QQHF-8HWH
OpenClaw: MCP Streamable HTTP redirects could forward configured custom headers to another origin
- MEDIUMGHSA-CX9V-4QJ2-JRW6
Open WebUI BOLA: `search_knowledge_files` Allows Unauthorized Knowledge Base File Enumeration