Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwr ...

CVE-2022-30619

Editable SQL queries behind Base64 encoding are sent from the client side to the server side for a particular API used in the legacy Work Center module. The attack is available for any authenticated user, i ...

CVE-2022-32290

The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. It listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional ...

CVE-2021-46687

JFrog Artifactory prior to version 7.31.10 and 6.23.38 is vulnerable to Sensitive Data Exposure through the Project Administrator REST API. This issue affects: JFrog JFrog Artifactory JFrog Artifactor ...

CVE-2021-45721

JFrog Artifactory prior to version 7.29.8 and 6.23.38 is vulnerable to Reflected Cross-Site Scripting (XSS) through one of the XHR parameters in Users REST API endpoint. This issue affects: JFrog JFro ...

The End of False Positives for Web and API Security Scanning?

Documents in trash accessible by Viewer role

# Description Once a document is archived or deleted, there is no way to access it through the UI or the Document link. But, the API gives the file information and content. This is the same with archived ...

Cspparse – A Tool To Evaluate Content Security Policies
