CVE-2023-40338 - Jenkins Folders Plugin File Path Disclosure Exploit Explained
If you’re using Jenkins for continuous integration (CI/CD), you likely depend on plugins to extend its core functionality. But plugins can sometimes introduce
CVE-2023-3398 - Denial of Service in drawio Before 18.1.3 – Everything You Need to Know
In June 2023, a vulnerability was discovered in the popular diagramming tool drawio (jgraph/drawio) that could crash the whole server. The bug, tracked as
CVE-2023-29525 - Critical XWiki Code Injection via “since” Parameter – Exploit Details and Secure Fixes
Published: June 2024
Introduction
CVE-2023-29525 is a serious security vulnerability affecting multiple versions of XWiki Platform, an extensible open-source wiki and application platform. Attackers can
CVE-2022-44726 - Exploiting XSS in TouchDown Timesheet Tracking Component 4.1.4 for Jira (Calendar View)
Cross-site Scripting (XSS) vulnerabilities enable attackers to inject malicious scripts into web applications. CVE-2022-44726 is one of these critical bugs, found in TouchDown Timesheet Tracking
CVE-2023-29508 - Stored XSS Vulnerability in XWiki Commons Live Data Macro (Explained with Exploit Details)
XWiki is a powerful open-source wiki platform used by a broad range of organizations. In April 2023, a serious security issue was discovered: CVE-2023-29508. This