Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-42183

Disclosure Date: December 15, 2023 (last updated December 29, 2023)
lockss-daemon (aka Classic LOCKSS Daemon) before 1.77.3 performs post-Unicode normalization, which may allow bypass of intended access restrictions, such as when U+1FEF is converted to a backtick.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0