admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-08-09 10:00:54 +00:00
parent ab1c8f7c51
commit 46b824793d
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
5 changed files with 18 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2021/37xxx/CVE-2021-37211.json
View File

@ -38,7 +38,7 @@
"description_data": [
{
"lang": "eng",
"value": "The bulletin function of Flygo does not filter special characters while a new announcement is added. Remoter attackers can use the vulnerability with general users credential to inject JavaScript and execute stored XSS attacks."
"value": "The bulletin function of Flygo does not filter special characters while a new announcement is added. Remoter attackers can use the vulnerability with general user\u2019s credential to inject JavaScript and execute stored XSS attacks."
}
]
},
@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-4988-8f642-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-4988-8f642-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-4988-8f642-1.html"
}
]
},

5
2021/37xxx/CVE-2021-37212.json
View File

@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-4989-5d955-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-4989-5d955-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-4989-5d955-1.html"
}
]
},

7
2021/37xxx/CVE-2021-37213.json
View File

@ -38,7 +38,7 @@
"description_data": [
{
"lang": "eng",
"value": "The check-in record page of Flygo contains Insecure Direct Object Reference (IDOR) vulnerability. After being authenticated as a general user, remote attackers can manipulate the employee ID and date in specific parameters to access particular employees check-in record."
"value": "The check-in record page of Flygo contains Insecure Direct Object Reference (IDOR) vulnerability. After being authenticated as a general user, remote attackers can manipulate the employee ID and date in specific parameters to access particular employee\u2019s check-in record."
}
]
},
@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-4990-0c75d-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-4990-0c75d-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-4990-0c75d-1.html"
}
]
},

5
2021/37xxx/CVE-2021-37214.json
View File

@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-4991-658b1-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-4991-658b1-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-4991-658b1-1.html"
}
]
},

7
2021/37xxx/CVE-2021-37215.json
View File

@ -38,7 +38,7 @@
"description_data": [
{
"lang": "eng",
"value": "The employee management page of Flygo contains an Insecure Direct Object Reference (IDOR) vulnerability.\nAfter being authenticated as a general user, remote attacker can manipulate the user data and then over-write another employees user data by specifying that employees ID in the API parameter."
"value": "The employee management page of Flygo contains an Insecure Direct Object Reference (IDOR) vulnerability. After being authenticated as a general user, remote attacker can manipulate the user data and then over-write another employee\u2019s user data by specifying that employee\u2019s ID in the API parameter."
}
]
},
@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-4992-dac66-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-4992-dac66-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-4992-dac66-1.html"
}
]
},