github.com/rancher/apiserver is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to the ParseRequestURL function within base.go constructing a URL from parts of the request without p ...
February 14, 2024
Apache Solr is vulnerable to Unrestricted File Upload. The vulnerability is due to the ConfigSets API accepting and uploading jar/class files without proper restriction of file type. When backing up S ...
February 14, 2024
Summary: Email validation can easily be bypassed because the verify_email_enabled option enables email validation at sign-up only. A user changing its email after signing up (and verifying it) can cha ...
February 14, 2024
Taking a data-rich approach to security is the most effective way to stay a step ahead of today's quickly evolving API...
February 13, 2024
Security Advisory Description: urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP ...
February 13, 2024
As our hunt against malicious Python packages continues, Imperva Threat Research recently discovered an attempt to masquerade Fade Stealer malware as a nondescript package, Colorama. Why Colorama? Col ...
February 13, 2024