Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...
Continue ReadingOctober 09, 2024
Summary: Hi Team in the policy of mozilla emails and names of workers is private and dont be shared or disclosure anyway ! because of this restriction all workers in moz gived id and worker name ab ...
Continue ReadingOctober 09, 2024
This test report has been disclosed by 20_root....Read More ...
Continue ReadingOctober 09, 2024
A flaw was found in Keycloak. Certain endpoints in Keycloak's admin REST API allow low-privilege users to access administrative functionalities. This flaw allows users to perform actions reserved ...
Continue ReadingOctober 09, 2024
An Insecure Direct Object Reference (IDOR) vulnerability exists in open-webui/open-webui version v0.3.8. The vulnerability occurs in the API endpoint https://0.0.0.0:3000/api/v1/memories/{id}/update, w ...
Continue ReadingOctober 09, 2024
In version v0.3.8 of open-webui/open-webui, the endpoint /api/pipelines/upload is vulnerable to arbitrary file write and delete due to unsanitized file.filename concatenation with CACHE_DIR. This vuln ...
Continue ReadingOctober 09, 2024
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...
Continue ReadingOctober 09, 2024
Back to Main