CVE-2022-34155 - Exploiting Improper Authentication in miniOrange OAuth Single Sign On – SSO (OAuth Client) (<= 6.23.3)
In 2022, a serious vulnerability was found in the popular miniOrange OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress. This plugin is widely
CVE-2023-3362 - Exploiting an Information Disclosure Vulnerability in GitLab CE/EE GitHub Imports
Introduction
In June 2023, a serious information disclosure vulnerability—CVE-2023-3362—was uncovered in GitLab Community Edition (CE) and Enterprise Edition (EE). This issue exposed
CVE-2023-34246 - How Doorkeeper's Public Client Consent Flaw Exposed OAuth in Rails Apps
If you use Doorkeeper to handle OAuth 2 authentication in your Ruby on Rails or Grape APIs, you need to know about a major vulnerability
CVE-2023-24428 - How CSRF in Jenkins Bitbucket OAuth Plugin Lets Attackers Hijack Logins
What is CVE-2023-24428?
CVE-2023-24428 is a serious security vulnerability found in the Jenkins Bitbucket OAuth Plugin, affecting versions .12 and earlier. If your Jenkins
CVE-2023-24439 - How Jenkins JIRA Pipeline Steps Plugin Leaked Private Keys (And Why You Should Care)
On January 25, 2023, the Jenkins project revealed a serious security flaw affecting the popular JIRA Pipeline Steps Plugin. This bug, now tracked as CVE-2023-24439,