CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

ECOA BAS controller has a Cross-Site Request Forgery vulnerability, thus authenticated attacker can remotely place a forged request at a malicious web page and execute CRUD commands (GET, POST, PUT, DELETE) to perform arbitrary operations in the system.

Headline

CVE-2021-41295: TWCERT/CC台灣電腦網路危機處理暨協調中心-ECOA BAS controller - Cross-Site Request Forgery (CSRF)

CVE: Latest News