The /api/v1/users/{username} endpoint leaked sensitive email-related metadata, such as the user's email confirmation status and privacy settings, without proper authorization checks. This allowed ...
Continue Reading
July 12, 2025
The vulnerability allowed a member to clone an agent managed by the admin by modifying the agent's unique identifier (sid). This resulted in the admin being unable to effectively disable the agen ...
Continue Reading
July 12, 2025
A stored cross-site scripting (XSS) vulnerability was discovered in the Dust platform's file upload functionality. An attacker could upload a malicious HTML file to a conversation. When another u ...
Continue Reading
July 12, 2025
Vulnerability description not...Read More ...
Continue Reading
July 12, 2025
Vulnerability description not...Read More ...
Continue Reading
July 12, 2025
Vulnerability description not...Read More ...
Continue Reading
July 12, 2025
The Facebook username associated with the broken link in the footer was available for takeover. This could have allowed an attacker to create a fake Facebook page and mislead users into trusting...Rea ...
Continue Reading
July 12, 2025
Vulnerability description not...Read More ...
Continue Reading
July 12, 2025
Back to Main
