Summary
Budibase: Mass Assignment in Webhook Trigger Allows Cross-Workspace Automation Execution via appId Override
References
Related vulnerabilities
- HIGH GHSA-HP36-V28F-W3R4
flat-to-nested: Prototype pollution in flat-to-nested convert() via __proto__ parent/id key
- MEDIUM GHSA-2JX3-65F3-XR8R
spomky-labs/otphp: Mass-assignment in Factory::loadFromProvisioningUri lets a hostile provisioning URI corrupt OTP state or leak an uncaught TypeError
- HIGH GHSA-WV27-2VQP-J7G5
Gogs has the ability to import local repositories via Mirror Settings
- HIGH GHSA-PWX3-QCGW-VH7H
Gogs Vulnerable to CSRF Leading to Organization Owner Takeover
- HIGH GHSA-P9F5-H3RX-J5QW
Gogs Missing Authorization in Attachment Download
- HIGH GHSA-JQ8V-RMF6-65JW
Gogs has Stored XSS in `.ipynb` Preview