One of the APIs in Mattermost version 6.4.1 and earlier fails to properly protect permissions, which allows authenticated members with a restricted custom admin role to bypass the restrictions an ...
May 23, 2022
# Description In line 786, we can see `$conditionFilters[] = $filterField . ' ' . $operator . ' ' . $value;`. The three variables are joined into a string, and the variables come from the request param ...
May 23, 2022
I found that one of the targets belonging to **DOD** is vulnerable to **CVE-2022-22954**, where an attacker may be able to execute any malicious code like escalating; Remote code execution is also possible ...
May 23, 2022
Storing passwords in a recoverable format in the DOCUMENTATION plugin component of Strapi before 3.6.9 and 4.x before 4.1.5 allows an attacker to access a victim's HTTP request. From this, the attacke ...
May 23, 2022
# Description Hello, it's my first report in huntr.dev. Fast code review: file https://github.com/yogeshojha/rengine/blob/master/web/api/views.py#L820 ``` class CMSDetector(APIView): def get(self, re ...
May 23, 2022
# Description The `WellKnownServlet` is vulnerable to path traversal, which allows reading local files. For example, the files in `WEB-INF` that contain secrets and API keys can be read. https://github. ...
May 23, 2022
# Description The proxy server does not check for link-local IPv6 addresses. In https://github.com/jgraph/drawio/blob/dev/src/main/java/com/mxgraph/online/ProxyServlet.java#L255L257, it checks for loca ...
May 23, 2022
An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/. ...
May 23, 2022