If the first post of a discussion is permanently deleted but the discussion stays visible, any actor who can view the discussion is able to create a new reply via the REST API, no matter the reply per ...
11 January 2023
Impact: Gotify exposes an outdated instance of the [Swagger UI](https://swagger.io/tools/swagger-ui/) API documentation frontend at `/docs` which is susceptible to reflected XSS attacks when loadin ...
11 January 2023
Hello everyone! As we saw in the last episode, the results of vulnerability detection for one host produced by two different APIs can vary greatly. Therefore, in order to find out the truth, it is ...
11 January 2023
As we enter the first second Tuesday of the year, it is noteworthy that both Microsoft and Adobe have released their latest security updates and fixes. We invite you to join us as we review and discus ...
11 January 2023
Summary: A session fixation attack allows an attacker to hijack a legitimate user session. The attack investigates a flaw in how the online application handles the session ID, especially the suscep ...
10 January 2023
API interfaces with unauthorized access will leak sensitive information via `/kubepi/api/v1/systems/operation/logs/search` and `/kubepi/api/v1/systems/login/logs/search`.
10 January 2023