mofh Vulnerable to Improper Restriction of XML External Entity Reference

The `xml.etree.ElementTree` module that mofh used up until version `1.0.1` implements a simple and efficient API for parsing and creating XML data. But it makes the application vulnerable to: - [Billi ...

Hackers Behind Cuba Ransomware Attacks Using New RAT Malware



CVSS3 - CRITICAL

CVSS2 - HIGH

OpenTIP, command line edition

For more than a year, we have been providing free intelligence services via [th ...

Cross Site Scripting (XSS)

LocalStack is vulnerable to cross-site scripting. The vulnerability is due to not having CSRF protection. An attacker can trick a user into visiting a website with malicious JavaScript code, which que ...


CVSS3 - MEDIUM

CVSS2 - MEDIUM

CVE-2022-36923

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104 ...

CVE-2022-34365

WMS 3.7 contains a Path Traversal Vulnerability in Device API. An attacker could potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem, ...

Wallarm at Black Hat USA 2022

Black Hat USA is celebrating its 25th anniversary, and Wallarm will be on hand for the festivities. If you’re headed to Vegas this year, we invite you to meet our crew and talk about API security. ** ...

Splunk Enterprise 8.1.x < 8.1.7 Information Disclosure

The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. The potential vulnerability impacts Splunk Enterprise instances before 8.1.7 when configured to return ver ...
