CVE-2023-4242

The FULL - Customer plugin for WordPress is vulnerable to Information Disclosure via the /health REST route in versions up to, and including, 2.2.3 due to improper authorization. This allows authentic ...

CVSS3 - MEDIUM

CVSS2 - MEDIUM

Medium: tomcat

**Issue Overview:** The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. ...

CVSS3 - MEDIUM

CVSS2 - MEDIUM

Information Disclosure

gitlab is vulnerable to Information Disclosure. The vulnerability may allow an authenticated user to unmask the Discord Webhook URL through viewing the raw API response.

CVSS3 - MEDIUM

CVSS2 - MEDIUM

Information Disclosure

gitlab is vulnerable to Information Disclosure. Non-project members are able to retrieve release descriptions via the API, even if the release visibility is restricted to project members only in the p ...

CVSS3 - MEDIUM

CVSS2 - MEDIUM

Insufficient Policy Enforcement

chromium is vulnerable to Insufficient Policy Enforcement. Insufficient policy enforcement in File System API allows a remote attacker to bypass filesystem restrictions via a crafted HTML page.

CVSS3 - MEDIUM

CVSS2 - MEDIUM

CVE-2023-39951

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. OpenTelemetry Java Instrumentation prior to version 1.28.0 contains an issue rela ...

This Week in Spring – August 8th, 2

Hi, Spring fans! Welcome to another installment of _This Week in Spring_! I'm _baaaaack_ in the USA for the first time in more than two months, and it feels great to be home! I just concluded a tour o ...

Adlisting Classified Ads 2.14.0 – WebPage Content Information Disclosure Vulnerability
