An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 w ...
June 06, 2024
Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1 and 8.1.x <= 8.1.12 fail to perform proper access control which allows a guest to get the metadata of a public playbook run tha ...
June 06, 2024
This report was created as part of the investigation for the Spot Check about the Spot Checks feature. Hi, I discovered team members / hackerone staff can modify a user's spot check write-up. I b ...
June 06, 2024
Hi, Spring fans, from London! I'm in this fabulous country doing my level-headed best to refrain from doing Mr. Bean bits, because, honestly, if I - an avid and prolific fan of Spring and its ma ...
June 04, 2024
Mattermost is vulnerable to Improper Access Control. The vulnerability is due to a failure to perform proper access control, allowing a guest to retrieve metadata of a public playbook run linked to a ...
May 28, 2024
The GraphQL controller lacked any CSRF protection, meaning authenticated users could be forced or tricked into visiting a URL that would send a GET request to the affected web server that could mutate ...
May 28, 2024
Hi, Spring fans! Welcome to another installment of This Week in Spring! And what a week it will be! I'm in Venice, Italy, on a little vacation, but tomorrow I begin a quick journey to beautiful S ...
May 27, 2024