Users should apply the code changes in commits `886cc6b94`, `2ef0f50880`, and `6942e8b2c` to resolve this vulnerability. Exploiting this on-wiki requires the `(editinterface)` right. An attacker may exploit this and would have a cross site scripting attack vector. Special:ManageWiki does not escape escape interface messages on the `columns` and `help` keys on the form descriptor. CVE-2024-25451 Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_DataBuffer::ReallocateBuffer() function.ĬVE-2024-25143 The Document and Media widget In Liferay Portal 7.2.0 through 7.3.6, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 13, and older unsupported versions, does not limit resource consumption when generating a preview image, which allows remote authenticated users to cause a denial of service (memory consumption) via crafted PNG images.ĬVE-2024-25109 ManageWiki is a MediaWiki extension allowing users to manage wikis.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |