This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
March 27, 2023
## Team, May you all be well on your side of the screen. :) *. While doing some research on the https://cal.com/, I was able to find a Pre-Account Takeover vulnerability. ## Proof of concept: *. I have ...
March 27, 2023
github.com/mattermost/mattermost-server is vulnerable to Cross-Site Scripting (XSS) attacks. An attacker is able to send AJAX requests on behalf of the victim through OAuth flow completion endpoints v ...
March 27, 2023
## Summary: Path traversal in OAuth `redirect_uri` which can lead to users' authorization code being leaked to any malicious user. The following authorization code flow request is generated at booth lo ...
March 22, 2023
Since the start of the Russo-Ukrainian conflict, Kaspersky researchers ...
March 21, 2023
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
March 20, 2023
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
March 20, 2023
A reflected cross-site scripting vulnerability in the OAuth flow completion endpoints in Mattermost allows an attacker to send AJAX requests on behalf of the victim via sharing a crafted link with a m ...
March 16, 2023