RSS   Podatności dla 'Seafile'   RSS

2023-12-09
 
CVE-2023-28873

CWE-79
 

 
An XSS issue in wiki and discussion pages in Seafile 9.0.6 allows attackers to inject JavaScript into the Markdown editor.

 
 
CVE-2023-28874

CWE-601
 

 
The next parameter in the /accounts/login endpoint of Seafile 9.0.6 allows attackers to redirect users to arbitrary sites.

 
2021-04-06
 
CVE-2021-30146

CWE-79
 

 
Seafile 7.0.5 (2019) allows Persistent XSS via the "share of library functionality."

 
2019-02-20
 
CVE-2013-7469

CWE-326
 

 
Seafile through 6.2.11 always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.

 

 >>> Vendor: Seafile 4 Produkty
Seadroid
Seafile
Seafile-client
Seafile server


Copyright 2024, cxsecurity.com

 

Back to Top