Security
Headlines

Headlines Latest CVEs

Headline

GHSA-52vj-mr2j-f8jh: Server-Side Template Injection in formio

A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0.0. This leads to Remote Code Execution during deletion of the default Email template URL.

2 years ago

Server-Side Template Injection in formio

Moderate severity GitHub Reviewed Published Jun 3, 2022 • Updated Jun 3, 2022

Related news

CVE-2020-28246: GitHub - formio/formio: A Form and Data Management Platform for Progressive Web Applications.

A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0.0. This leads to Remote Code Execution during deletion of the default Email template URL.

2 years ago

#web #mac #windows #nodejs #js #git #rce #auth #mongo #docker

ghsa: Latest News

GHSA-x645-6pf9-xwxw: LibreNMS has an Authenticated OS Command Injection

4 hours ago

GHSA-gv4m-f6fx-859x: LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/print-customoid.php

5 hours ago

GHSA-28p7-f6h6-3jh3: LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/html/pages/wireless.inc.php

5 hours ago

GHSA-p66q-ppwr-q5j8: LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/dev-overview-data.inc.php

5 hours ago

GHSA-7663-37rg-c377: LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php

5 hours ago