CVE-2023-40351 - How a CSRF in Jenkins Favorite View Plugin Lets Attackers Mess with Your Favorites
Jenkins is everywhere in the DevOps world, and plugins are like its building blocks. One of those plugins, Favorite View Plugin up to version 5.
CVE-2023-0551 - How a Simple Authorization Flaw in WordPress REST API TO MiniProgram Plugin Lets Any Subscriber Delete Attachments
In early 2023, a security vulnerability was discovered in the popular WordPress plugin REST API TO MiniProgram (version <= 4.6.1). This vulnerability, tracked
CVE-2023-38999 - How a Simple CSRF Flaw in OPNsense Could Shut Down Your Firewall
Security vulnerabilities can lurk in unexpected places, sometimes even in the control panels that protect our networks. CVE-2023-38999 is a recent and serious flaw found
CVE-2023-26448 - Custom Log-in/Log-out Locations in jslob Expose Users to Malicious Redirects (Exclusive Deep Dive)
CVE-2023-26448 is an overlooked but serious security flaw affecting web applications that let users define custom log-in and log-out URLs, referred to internally as jslob
CVE-2023-4055 - Behind the Scenes of a Cookie Jar Mixup in Firefox
Published: Exclusive Long-Read
CVSS Score: 4.3 (Medium)
Impacted software:
Firefox ESR < 115.1
Web developers and end-users depend on cookies every day—for