When archiving a team, Mattermost fails to sanitize the related Websocket event sent to currently connected clients. This allows the clients to see the name, display name, description, and other data ...
Continue Reading
August 15, 2023
Python HTTP client/server for asyncio which supports both the client and the server side of the HTTP protocol, client and server websocket, and webserve rs with middlewares and pluggable routing.Read ...
Continue Reading
August 08, 2023
# Thursday February 16 2023 Security Releases By Michael Dawson, 16 Feb 2023 # _(Update 16-February-2023)_ Security releases available Updates are now available for the v19.x, v18.x, v16.x, and v14.x ...
Continue Reading
August 07, 2023
An issue was discovered in Zoho ManageEngine Network Configuration Manager 12.6.165. The WebSocket endpoint allows Cross-site WebSocket hijacking.Read More ...
Continue Reading
August 04, 2023
## Summary Spring Framework open source library is used by IBM OpenPages with Watson. Multiple vulnerabilties are being disclosed from Spring Framework within this bulletin. These vulnerabilities are ...
Continue Reading
July 28, 2023
nodebb is vulnerable to Websocket Session Hijacking. The vulnerability exists due to missing csrf token in the request which allows an attacker to gain access to private information via cross-origin w ...
Continue Reading
July 28, 2023
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an Access Control Violation for Database Operations. The Vocera Report Console contains a websocket interface ...
Continue Reading
July 25, 2023
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal via the "restore SQL data" filename. The Vocera Report Console contains a websocket function t ...
Continue Reading
July 25, 2023
Back to Main
