Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwr ...

Continue Reading

July 06, 2022

Editable SQL Queries behind Base64 encoding sending from the Client-Side to The Server-Side for a particular API used in legacy Work Center module. He attack is available for any authenticated user, i ...

Continue Reading

July 06, 2022

The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. It listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional ...

Continue Reading

July 06, 2022

JFrog Artifactory prior to version 7.31.10 and 6.23.38 is vulnerable to Sensitive Data Exposure through the Project Administrator REST API. This issue affects: JFrog JFrog Artifactory JFrog Artifactor ...

Continue Reading

July 06, 2022

JFrog Artifactory prior to version 7.29.8 and 6.23.38 is vulnerable to Reflected Cross-Site Scripting (XSS) through one of the XHR parameters in Users REST API endpoint. This issue affects: JFrog JFro ...

Continue Reading

July 06, 2022

[![Web and API Security Scanning](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjCimt_SCWLQcdNEbrjZXG7LZIOZLqabDOXh2YOB9bSW8KcxllFjvEHNlBAQvSYu6UaopnI5klEOBXYCFClSFeumRViac0W26FAogbLqaMSqz ...

Continue Reading

July 06, 2022

# Description Once a document is archived or deletec, there is no way to access it through the UI or the Document link. But, the API gives the file information and content. This is same with archived ...

Continue Reading

July 06, 2022

[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEik3Z0y7G7sHzYzV0cdLxUwiKMzD2bjTm57cEXNRt1rYNdTA0Cefqi_wjnNLLXMANEiZJdmioum1S1VKtySdz2FJxbnGDaSCQTB8Yok91v7Rk5CCUuAK2kNwkKViTmQT25bjJkiZj ...

Continue Reading

July 05, 2022