The plugin does not have authorisation and CSRF when updating its settings, which could allow unauthenticated attackers to update them and change the OAuth endpoints to ones they controls, allowing th ...
Continue Reading
September 12, 2022
The plugin does not have authorisation and CSRF when updating its settings, which could allow unauthenticated attackers to update them and change the OAuth endpoints to ones they controls, allowing th ...
Continue Reading
September 12, 2022
OAuthLib is an implementation of the OAuth request-signing logic for P ...Read More ...
Continue Reading
September 10, 2022
OAuthLib is an implementation of the OAuth request-signing logic for Python 3.6+. In OAuthLib versions 3.1.1 until 3.2.1, an attacker providing malicious redirect uri can cause denial of service. An a ...
Continue Reading
September 09, 2022
## Summary Cross reference list for security vulnerabilites fixed in IBM WebSphere Application Server, IBM WebSphere Application Server Hypervisor, WebSphere Application Server Liberty Profile and IBM ...
Continue Reading
September 07, 2022
## Summary Cross reference list for security vulnerabilites fixed in IBM WebSphere Application Server 8.5.5.5, IBM WebSphere Application Server Hypervisor 8.5.5.5 and IBM HTTP Server 8.5.5.5 ## Vulne ...
Continue Reading
September 07, 2022
* [CVE-2020-26237]() Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can b ...
Continue Reading
September 06, 2022
Microsoft has posted a [reminder]() on the Exchange Team blog that Basic authentication for Exchange Online will be disabled in less than a month, on October 1, 2022. The first announcement of the cha ...
Continue Reading
September 05, 2022
Back to Main
