CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1143
https://notcve.org/view.php?id=CVE-2024-1143
Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass. Las versiones de Central Dogma anteriores a la 0.64.0 son vulnerables a Cross-Site Scripting (XSS), lo que podría permitir la fuga de sesiones de usuario y la posterior omisión de autenticación. • https://github.com/line/centraldogma/security/advisories/GHSA-34q3-p352-c7q8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38388
https://notcve.org/view.php?id=CVE-2021-38388
Central Dogma allows privilege escalation with mirroring to the internal dogma repository that has a file managing the authorization of the project. Central Dogma permite una escalada de privilegios con mirroring al repositorio interno de dogma que presenta un archivo que administra la autorización del proyecto • https://github.com/line/centraldogma/pull/621 • CWE-862: Missing Authorization •