# Description Hi there, there is a stored XSS in OAuth application name. # Proof of Concept 1. Install a local instance of Autolab. 2. Go to `/oauth/applications` and create a new application with na ...
June 23, 2022
Team, may you all be well on your side of the screen. :) While doing some research on the https://microweber.org, I was able to find a Pre-Account Takeover vulnerability. Kindly check the proof of con ...
June 23, 2022
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
June 23, 2022
### Impact We found that this vulnerability is present when the developer is implementing an OAuth 1 provider (by extension, it means Twitter, which is the only built-in provider using OAuth 1), but * ...
June 23, 2022
NextAuth.js (next-auth) is an open source authentication solution for Next.js applications. Prior to versions 3.29.3 and 4.3.3, an open redirect vulnerability is present when the developer is implemen ...
June 23, 2022
# Description The application allows the usage of third-parties to store the files, such as Google Drive, Github, Gitlab, etc. It's possible to bypass the protection of the `redirect` parameter and re ...
June 23, 2022