API - API Security Blog

The End of False Positives for Web and API Security Scanning?

[![Web and API Security Scanning](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjCimt_SCWLQcdNEbrjZXG7LZIOZLqabDOXh2YOB9bSW8KcxllFjvEHNlBAQvSYu6UaopnI5klEOBXYCFClSFeumRViac0W26FAogbLqaMSqz ...

July 06, 2022

Documents in trash accessible by Viewer role

# Description Once a document is archived or deletec, there is no way to access it through the UI or the Document link. But, the API gives the file information and content. This is same with archived ...

July 06, 2022

Cspparse – A Tool To Evaluate Content Security Policies

[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEik3Z0y7G7sHzYzV0cdLxUwiKMzD2bjTm57cEXNRt1rYNdTA0Cefqi_wjnNLLXMANEiZJdmioum1S1VKtySdz2FJxbnGDaSCQTB8Yok91v7Rk5CCUuAK2kNwkKViTmQT25bjJkiZj ...

July 05, 2022

CVE-2022-30290

In OpenCTI through 5.2.4, a broken access control vulnerability has been identified in the profile endpoint. An attacker can abuse the identified vulnerability in order to arbitrarily change their reg ...

July 05, 2022

SUSE SLES15 Security Update : salt (SUSE-SU-2022:2253-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:2253-1 advisory. - An issue was discovered in SaltStack Salt in versi ...

July 05, 2022

Exploit for Unrestricted Upload of File with Dangerous Type in Wso2 Api Manager

# WSO2RCE A [CVE-2022-29464](https://docs.wso2.com/display/Secu...Read More ...

July 05, 2022

[SECURITY] Fedora 36 Update: golang-github-golangci-lint-1-0-0.5.20200828gitd2cdd8c.fc36

Fork of the official Go linter with API enhancementsRead More ...

July 04, 2022

[SECURITY] Fedora 36 Update: golang-github-googleapis-gnostic-0.5.3-6.fc36

This package contains a Go command line tool which converts JSON and YAML OpenAPI descriptions to and from equivalent Protocol Buffer representations. Protocol Buffers provide a language-neutral, pla ...

July 04, 2022