GitLab – “impersonate” Feature Privilege Escalation
>> ARCHIVE: 2016-08
GitLab – “impersonate” Feature Privilege Escalation
WordPress Advanced Custom Fields: Table Field plugin version 1.1.12 suffers from a persistent cross site scripting vulnerability.
Nagios Log Server versions 1.4.1 and below suffer from authentication bypass, privilege escalation, cross site scripting, and inconsistent control vulnerabilities.
Nagios Network Analyzer versions 2.2.0 and below suffer from authentication bypass, arbitrary code execution, and remote SQL injection vulnerabilities.
Nagios Incident Manager versions 2.0.0 and below suffer from code execution, cross site scripting, and remote SQL injection vulnerabilities.
WSO2 Identity Server version 5.1.0 suffers from cross site request forgery and XML external-entity injection vulnerabilities.
WSO2 Carbon version 4.4.5 suffers from a local file inclusion vulnerability.
WSO2 Carbon version 4.4.5 suffers from multiple cross site scripting vulnerabilities.
WSO2 Carbon version 4.4.5 suffers from a cross site request forgery vulnerability that can trigger a denial of service condition.
The SonarQube Jenkins plugin in Jenkins CI suffers from a plain text password disclosure vulnerability.