Category - API Security Blog

serdceprirody.ru Cross Site Scripting vulnerability OBB-2648556

Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

June 12, 2022

RST Threat feed. IOC: api-account.gostormgain.tk

Found **api-account[.]gostormgain.tk** in [RST Threat Feed](htt...Read More ...

June 12, 2022

RST Threat feed. IOC: api.msetup.pro

Found **api[.]msetup.pro** in [RST Threat Feed](https://rstclou...Read More ...

June 12, 2022

RST Threat feed. IOC: https://ws.alleqro.pl.priyadarshi.net/upload-data/form/auth.htm?authorization-allegro-pl/auth/oauth/authorize?client_id=tb5sff3c…

Found **https://ws[.]alleqro.pl.priyadarshi.net/upload-data/form...Read More ...

June 12, 2022

CVE-2022-2013

In Octopus Server after version 2022.1.1495 and before 2022.1.2647 if private spaces were enabled via the experimental feature flag all new users would have access to the Script Console within their p ...

June 12, 2022

schmidtabrasiveblasting.com Cross Site Scripting vulnerability OBB-2648510

Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

June 12, 2022

ostravablog.cz Cross Site Scripting vulnerability OBB-2648509

Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

June 12, 2022

november.org Cross Site Scripting vulnerability OBB-2648505

Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

June 12, 2022