Open redirect vulnerability in Xsuite 220.127.116.11 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirurl parameter.
The MySQL "root" user in Xsuite 2.x does not have a password set, which allows local users to access databases on the system.
In Pulp before version 2.16.2, secrets are passed into override_config when triggering a task and then become readable to all users with read access on the distributor/importer. An attacker with API access can then view these secrets.
An improper input validation vulnerability in CA Privileged Access Manager 18.104.22.168 and earlier allows remote attackers to execute arbitrary commands.
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.