# Description `PUT /api/v1/users/{id}` API doesn't properly check the authorization. # Proof of Concept 1. [admin] Enable user registration functionality. 2. [user] Register new user and login as them. ...
January 14, 2023
DevOps platform CircleCI on Friday disclosed that unidentified ...
January 14, 2023
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
January 12, 2023
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
January 12, 2023
### Impact RefreshTokens is an OAuth 2.0 feature that allows applications to retrieve new access tokens and refresh the user's session without the need for interacting with a UI. RefreshTokens were no ...
January 12, 2023
### Impact RefreshTokens is an OAuth 2.0 feature that allows applications to retrieve new access tokens and refresh the user's session without the need for interacting with a UI. RefreshTokens were no ...
January 11, 2023
None ## Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft SharePoint Server security feature bypass vulnerability. To learn more abo ...
January 11, 2023
The Nuxeo Platform is an open source content management platform for building business applications. In version 11.5.109, the `oauth2` REST API is vulnerable to Reflected Cross-Site Scripting (XSS). T ...
January 10, 2023