MainWP: Reflected XSS in “Client Notes” Field

A reflected Cross-Site Scripting (XSS) vulnerability was discovered in the "Notes" functionality under the Edit Client section. User input in the notes input field was not properly s ...

Continue Reading

August 05, 2025

curl: Disclosure of email addresses

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

Mozilla: Bypass “No Links” Restriction in Biography via Protocol-Relative URL (//)

The report identifies a bypass vulnerability in the biography field on addons.allizom.org. Despite the application's policy against allowing links, it was possible to embed functional hyperlinks ...

Continue Reading

August 05, 2025

Lichess: Improper Authentication Throttling Allows Attacker-Controlled Account Lockouts

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

curl: Disk Space Exhaustion leading to a Denial of Service (DoS)

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

curl: Sensitive information disclosure with malicious netrc file

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

Lichess: CSRF at Network feature

A CSRF vulnerability was found in the network feature, where an attacker could change the Network Routing settings by sending a CSRF script to the...Read More ...

Continue Reading

August 05, 2025

curl: Security check up

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

1 42,357 42,358 42,359 42,360 42,361 385,998

Back to Main
Subscribe for the latest news: