CVE-2023-38999 - How a Simple CSRF Flaw in OPNsense Could Shut Down Your Firewall
Security vulnerabilities can lurk in unexpected places, sometimes even in the control panels that protect our networks. CVE-2023-38999 is a recent and serious flaw found
CVE-2023-26448 - Custom Log-in/Log-out Locations in jslob Expose Users to Malicious Redirects (Exclusive Deep Dive)
CVE-2023-26448 is an overlooked but serious security flaw affecting web applications that let users define custom log-in and log-out URLs, referred to internally as jslob
CVE-2023-4055 - Behind the Scenes of a Cookie Jar Mixup in Firefox
Published: Exclusive Long-Read
CVSS Score: 4.3 (Medium)
Impacted software:
Firefox ESR < 115.1
Web developers and end-users depend on cookies every day—for
CVE-2023-3414 - How a CSRF Flaw in Jenkins ServiceNow DevOps Plug-in Could Leak Your Secrets (and How to Fix It)
In June 2023, a security vulnerability (CVE-2023-3414) landed in popular DevOps circles, with potential to expose sensitive data from Jenkins environments using the ServiceNow DevOps
CVE-2023-39156 - How A CSRF Vulnerability in Jenkins Bazaar Plugin Let Attackers Delete SCM Tags
In June 2023, a cross-site request forgery (CSRF) vulnerability, tracked as CVE-2023-39156, was discovered in the Jenkins Bazaar Plugin. This bug, present in version 1.