CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to v2.10.4.

Permalink

Browse files

Merge pull request #1629 from ajaysenr/master

Update AttachmentModel.class.php

*   Loading branch information

![@star7th](https://avatars.githubusercontent.com/u/2200494?s=40&v=4)

2 parents 830c89a + 52d1d90 commit 78522520892d4e29cc94148c6ec84a204a607b73

Showing with **1 addition** and **0 deletions**.

1.  +1 −0 server/Application/Api/Model/AttachmentModel.class.php

@@ -304,6 +304,7 @@ public function isDangerFilename($filename){

|| $isDangerStr($filename , "%")

|| $isDangerStr($filename , ".xml")

|| $isDangerStr($filename , ".xxhtml")

|| $isDangerStr($filename , ".aspx")

) {

return true;

}

**0 comments on commit `7852252`**

Please sign in to comment.

Headline

CVE-2022-0940: Merge pull request #1629 from ajaysenr/master · star7th/showdoc@7852252

CVE: Latest News