Hi, Spring fans! Welcome to another installment of _This Week in Spring_! I'm in crazy cool Kuala Lumpur, Malaysia. If you're around, I'll be doing a presentation this Thursday the 20th of July, a ...
July 18, 2023
A little over a week after [JumpCloud reset API keys of custo ...
July 18, 2023
rswag before 2.10.1 allows remote attackers to read arbitrary JSON and YAML files via directory traversal, because rswag-api can expose a file that is not the OpenAPI (or Swagger) specification file o ...
July 17, 2023
Mattermost fails to properly check the authorization of POST /api/v4/teams when passing a team override scheme ID in the request, allowing an authenticated attacker with knowledge of a Team Over ...
July 17, 2023
PNP4Nagios through 81ebfc5 has stored XSS in the AJAX controller via the basket API and filters. This affects 0.6.26.
July 17, 2023