WordPress UserPro 5.1.x Password Reset / Authentication Bypass / Escalation

...Read More ...

Continue Reading

14 декабря, 2023

Mattermost Open Redirect vulnerability

Mattermost fails to properly check a redirect URL parameter allowing for an open redirect was possible when the user clicked "Back to Mattermost" after providing a invalid custom ur ...

Continue Reading

14 декабря, 2023

Scanning Danger: Unmasking the Threats of Quishing

Scanning Danger: Unmasking the Threats of Quishing By Shyava Tripathi, Raghav Kapoor and Rohan Shah · December 07, 2023 Phishing, a prevalent cybercrime worldwide, is responsible for as much as 90 p ...

Continue Reading

14 декабря, 2023

Non-Human Access is the Path of Least Resistance: A 2023 Recap

2023 has seen its fair share of cyber attacks, however there's one attack vector that proves to be more prominent than others - non-human access. With 11 high-profile attacks in 13 months and an ...

Continue Reading

14 декабря, 2023

Improper Authorization

next-auth is vulnerable to Improper Authorization. A malicious actor could create an empty/mock user by getting hold of a NextAuth.js-issued JWT from an interrupted OAuth sign-in flow (state, PKCE or ...

Continue Reading

14 декабря, 2023

WordPress UserPro 5.1.x Password Reset / Authentication Bypass / Escalation

...Read More ...

Continue Reading

14 декабря, 2023

Open Redirect

mattermost is vulnerable to Open Redirect. The vulnerability is caused due to a missing validation at redirect URL parameter. The application fails to validate the custom URL scheme /oauth/{service}/m ...

Continue Reading

14 декабря, 2023

Authentication Bypass

authentik is vulnerable to authentication bypass due to an insufficient PKCE check. The vulnerability is caused by code_verifier step during the OAUTH initialisation flow. Authentik improperly accepts ...

Continue Reading

14 декабря, 2023

1 106 107 108 109 110 184

Back to Main
Subscribe for the latest news: