Category - API Security Blog

shaaditimes.com Cross Site Scripting vulnerability OBB-2648558

Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

12 июня, 2022

serdceprirody.ru Cross Site Scripting vulnerability OBB-2648556

Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

12 июня, 2022

RST Threat feed. IOC: api-account.gostormgain.tk

Found **api-account[.]gostormgain.tk** in [RST Threat Feed](htt...Read More ...

12 июня, 2022

RST Threat feed. IOC: api.msetup.pro

Found **api[.]msetup.pro** in [RST Threat Feed](https://rstclou...Read More ...

12 июня, 2022

RST Threat feed. IOC: https://ws.alleqro.pl.priyadarshi.net/upload-data/form/auth.htm?authorization-allegro-pl/auth/oauth/authorize?client_id=tb5sff3c…

Found **https://ws[.]alleqro.pl.priyadarshi.net/upload-data/form...Read More ...

12 июня, 2022

CVE-2022-2013

In Octopus Server after version 2022.1.1495 and before 2022.1.2647 if private spaces were enabled via the experimental feature flag all new users would have access to the Script Console within their p ...

12 июня, 2022

schmidtabrasiveblasting.com Cross Site Scripting vulnerability OBB-2648510

Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

12 июня, 2022

ostravablog.cz Cross Site Scripting vulnerability OBB-2648509

Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

12 июня, 2022