Vulnerabilidades em saltcorn
4 resultadosCVE-2024-47818MEDIUMLogged-in users with any role can delete arbitrary files in @saltcorn/serverEPSS 0.8%CVE-2026-42259MEDIUMSaltcorn: Open Redirect in `POST /auth/login` due to incomplete `is_relative_url` validation (backslash bypass)EPSS 0.3%CVE-2026-40163HIGHSaltcorn has an Unauthenticated Path Traversal in sync endpoints allows arbitrary file write and directory readEPSS 0.3%CVE-2026-41478CRITICALSaltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId)EPSS 0.3%