RSS   Podatności dla 'Nacos'   RSS

2022-07-05
 
CVE-2021-43116

CWE-287
 

 
An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture packets and then change the returned package, which lets a malicious user login.

 
2022-03-11
 
CVE-2021-44667

CWE-79
 

 
A Cross Site Scripting (XSS) vulnerability exists in Nacos 2.0.3 in auth/users via the (1) pageSize and (2) pageNo parameters.

 

 >>> Vendor: Alibaba 5 Produkty
Alibaba
Alipay activex control
Druid
Nacos
Fastjson


Copyright 2024, cxsecurity.com

 

Back to Top