CVE-2024-36370

In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via OAuth connection settings was...Read More ...

Continue Reading
CVE-2024-4540

A flaw was found in Keycloak in OAuth 2.0 Pushed Authorization Requests (PAR). Client-provided parameters were found to be included in plain text in the KC_RESTART cookie returned by the authorization ...

Continue Reading
Grafana account takeover via OAuth vulnerability in github.com/grafana/grafana

Grafana account takeover via OAuth vulnerability in...Read More ...

Continue Reading
CVE-2024-4540

A flaw was found in Keycloak in OAuth 2.0 Pushed Authorization Requests (PAR). Client-provided parameters were found to be included in plain text in the KC_RESTART cookie returned by the authorization ...

Continue Reading
CVE-2024-4540

A flaw was found in Keycloak in OAuth 2.0 Pushed Authorization Requests (PAR). Client-provided parameters were found to be included in plain text in the KC_RESTART cookie returned by the authorization ...

Continue Reading
CVE-2024-4540 Keycloak: exposure of sensitive information in pushed authorization requests (par) kc_restart cookie

A flaw was found in Keycloak in OAuth 2.0 Pushed Authorization Requests (PAR). Client-provided parameters were found to be included in plain text in the KC_RESTART cookie returned by the authorization ...

Continue Reading
EvilSlackbot – A Slack Bot Phishing Framework For Red Teaming Exercises

EvilSlackbot A Slack Attack Framework for conducting Red Team and phishing exercises within Slack workspaces. Disclaimer This tool is intended for Security Professionals only. Do not use this tool ag ...

Continue Reading
JetBrains TeamCity Multiple Vulnerabilities

The version of JetBrains TeamCity installed on the remote host is prior to 2022.04.7, 2022.10.6, 2023.05.6, or 2023.11.5. It is, therefore, affected by multiple vulnerabilities as referenced in the CV ...

Continue Reading

Back to Main

Subscribe for the latest news: