Dell EMC Unisphere for PowerMax versions prior to 126.96.36.199, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 188.8.131.52, and PowerMax OS Release 5978 contain an authorization bypass vulnerability. An authenticated malicious user may potentially execute commands to alter or stop database statistics.
Dell EMC Unisphere for PowerMax versions prior to 184.108.40.206, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 220.127.116.11, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the v ...
In PrestaShop from version 18.104.22.168 and before version 22.214.171.124, the authentication system is malformed and an attacker is able to forge requests and execute admin commands. The problem is fixed in 126.96.36.199.
In October from version 1.0.319 and before version 1.0.467, pasting content copied from malicious websites into the Froala richeditor could result in a successful self-XSS attack. This has been fixed in 1.0.467.
In Jira versions before 8.9.1, various resources responded with a 404 instead of redirecting unauthenticated users to the login page. In some situations this may have allowed unauthorised attackers to determine whether certain resources exist, resulting in an information disclosure vulnerability.