mattermost is vulnerable to Open Redirect. The vulnerability is caused due to a missing validation at redirect URL parameter. The application fails to validate the custom URL scheme /oauth/{service}/m ...
Continue Reading14 декабря, 2023
Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security Risks Like the SaaS shadow IT of the past, AI is placing CISOs and cybersecurity teams in a tough but familiar spot. Employees are ...
Continue Reading14 декабря, 2023
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:6972 advisory. Grafana is validating Azure AD accounts based on th ...
Continue Reading14 декабря, 2023
authentik is vulnerable to authentication bypass due to an insufficient PKCE check. The vulnerability is caused by code_verifier step during the OAUTH initialisation flow. Authentik improperly accepts ...
Continue Reading14 декабря, 2023
NextAuth.js provides authentication for Next.js. next-auth applications prior to version 4.24.5 that rely on the default Middleware authorization are affected by a vulnerability. A bad actor could cre ...
Continue Reading14 декабря, 2023
Cybersecurity researchers have detailed a "severe design flaw" in Google Workspace's domain-wide delegation (DWD) feature that could be exploited by threat actors to facilitate ...
Continue Reading14 декабря, 2023
ownCloud has warned users about three critical security flaws in its file-sharing software which, if exploited, could reveal sensitive information and modify files. An especially and potentially impac ...
Continue Reading14 декабря, 2023
According to recent research on employee offboarding, 70% of IT professionals say they've experienced the negative effects of incomplete IT offboarding, whether in the form of a security incident ...
Continue Reading14 декабря, 2023
Back to Main