CVE-2024-4006

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 w ...

Continue Reading
CVE-2024-34152

Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1 and 8.1.x <= 8.1.12 fail to perform proper access control which allows a guest to get the metadata of a public playbook run tha ...

Continue Reading
HackerOne: [ Spot Check ] Team members can edit a user’s write-up

This report was created as part of the investigation for the Spot Check about the Spot Checks feature. Hi, I discovered team members / hackerone staff can modify a user's spot check write-up. I b ...

Continue Reading
This Week in Spring – June 4th, 2024

Hi, Spring fans, from London! I'm in this fabulous country doing my level-headed best to refrain from dooing Mr. Bean bits, because, honestly, if I - an avid and prolific fan of Spring and its ma ...

Continue Reading
Improper Access Control

Mattermost is vulnerable to Improper Access Control. The vulnerability is due to a failure to perform proper access control, allowing a guest to retrieve metadata of a public playbook run linked to a ...

Continue Reading
silverstripe/graphql Cross-Site Request Forgery vulnerability

The GraphQL controller lacked any CSRF protection, meaning authenticated users could be forced or tricked into visiting a URL that would send a GET request to the affected web server that could mutate ...

Continue Reading
silverstripe/graphql Cross-Site Request Forgery vulnerability

The GraphQL controller lacked any CSRF protection, meaning authenticated users could be forced or tricked into visiting a URL that would send a GET request to the affected web server that could mutate ...

Continue Reading
This Week in Spring – May 27th, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring! And what a week it will be! I'm in Venice, Italy, on a little vacation, but tomorrow I begin a quick journey to beautiful S ...

Continue Reading

Back to Main

Subscribe for the latest news: