| CVE-2025-54791 |
unknown |
— |
— |
|
|
|
10mo ago |
OMERO.web displays unecessary user information when requesting password reset |
| CVE-2024-35180 |
unknown |
— |
— |
|
|
|
2y ago |
OMERO.web must check that the JSONP callback is a valid function |
| CVE-2020-7932 |
unknown |
— |
— |
|
|
|
4y ago |
OMERO.web before 5.6.3 optionally allows sensitive data elements (e.g., a session key) to be passed as URL query parameters. If an attacker tricks a user into clicking a malicious link in OMERO.web, … |
| CVE-2021-41132 |
unknown |
— |
— |
|
|
|
5y ago |
OMERO.web provides a web based client and plugin infrastructure. In versions prior to 5.11.0, a variety of templates do not perform proper sanitization through HTML escaping. Due to the lack of sanit… |
| CVE-2021-21377 |
unknown |
— |
— |
|
|
|
5y ago |
OMERO.web is open source Django-based software for managing microscopy imaging. OMERO.web before version 5.9.0 supports redirection to a given URL after performing login or switching the group contex… |
| CVE-2021-21376 |
unknown |
— |
— |
|
|
|
5y ago |
OMERO.web is open source Django-based software for managing microscopy imaging. OMERO.web before version 5.9.0 loads various information about the current user such as their id, name and the groups t… |
