Description The Nextend Social Login and Register plugin for WordPress is vulnerable to a self-based Reflected Cross-Site Scripting via the ‘error_description’ parameter in all versions up to, and ...
Continue Reading
March 08, 2024
Government bodies are clamping down heavily on institutions and organizations that handle sensitive customer data. For APIs, tokens are used to authenticate users. We live in an era dominated by cloud ...
Continue Reading
March 08, 2024
Government bodies are clamping down heavily on institutions and organizations that handle sensitive customer data. For APIs, tokens are used to authenticate users. We live in an era dominated by cloud ...
Continue Reading
March 08, 2024
In today's rapidly evolving SaaS environment, the focus is on human users. This is one of the most compromised areas in SaaS security management and requires strict governance of user roles and p ...
Continue Reading
March 07, 2024
Overview In February 2024, Rapid7’s vulnerability research team identified two new vulnerabilities affecting JetBrains TeamCity CI/CD server: CVE-2024-27198 is an authentication bypass vulnerabili ...
Continue Reading
March 04, 2024
Overview In February 2024, Rapid7’s vulnerability research team identified two new vulnerabilities affecting JetBrains TeamCity CI/CD server: CVE-2024-27198 is an authentication bypass vulnerabili ...
Continue Reading
March 04, 2024
The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the grafana-9.2.10-4.el9 build changelog. account takeover possible when using Azure AD OAu ...
Continue Reading
March 03, 2024
Flask-AppBuilder is an application development framework, built on top of Flask. A Cross-Site Scripting (XSS) vulnerability has been discovered on the OAuth login page. An attacker could trick a user ...
Continue Reading
March 03, 2024
Back to Main
