kb.wisconsin.edu Cross Site Scripting vulnerability OBB-3960336

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...

Continue Reading
Mozilla: Privates Emails of Moz Workers Leaked in Public file

Summary: Hi Team in the policy of mozilla emails and names of workers is private and dont be shared or disclosure anyway ! because of this restriction all workers in moz gived id and worker name ab ...

Continue Reading
mycompany VDP: This test report has been disclosed by 20_root.

This test report has been disclosed by 20_root....Read More ...

Continue Reading
nullsec VDP: Test by HDR

Test by...Read More ...

Continue Reading
CVE-2024-3656 Keycloak: unguarded admin rest api endpoints allows low privilege users to use administrative functionalities

A flaw was found in Keycloak. Certain endpoints in Keycloak's admin REST API allow low-privilege users to access administrative functionalities. This flaw allows users to perform actions reserved ...

Continue Reading
CVE-2024-7041

An Insecure Direct Object Reference (IDOR) vulnerability exists in open-webui/open-webui version v0.3.8. The vulnerability occurs in the API endpoint https://0.0.0.0:3000/api/v1/memories/{id}/update, w ...

Continue Reading
CVE-2024-7037

In version v0.3.8 of open-webui/open-webui, the endpoint /api/pipelines/upload is vulnerable to arbitrary file write and delete due to unsanitized file.filename concatenation with CACHE_DIR. This vuln ...

Continue Reading
powergen.ai Cross Site Scripting vulnerability OBB-3960240

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...

Continue Reading

Back to Main

Subscribe for the latest news: