CVE-2022-45932 - SQL Injection in OpenDaylight AAA - How It Works, Exploit Details, and In-Depth Explanation
If you're using OpenDaylight (ODL)—an open source platform popular for software-defined networking—you should pay attention to CVE-2022-45932. This vulnerability affects the
CVE-2022-45225 - Exploiting XSS in Book Store Management System v1. — A Deep Dive
Cross-Site Scripting (XSS) is a classic web vulnerability that refuses to become irrelevant. In this post, we’ll analyze CVE-2022-45225, a nasty XSS bug in
CVE-2022-39338 - How a Nextcloud user_oidc Discovery URL Bug Enabled XSS in Safari
Nextcloud is one of the most popular open-source self-hosted cloud services out there. Like many modern platforms, Nextcloud supports logging in with multiple identity providers
CVE-2022-39339 - How Plaintext OIDC Credential Leaks Put Nextcloud Accounts at Risk
user_oidc is a widely used OpenID Connect (OIDC) user backend for Nextcloud, enabling seamless SSO (Single Sign-On) integration with identity providers. On November 10,
CVE-2022-45152 - Blind SSRF in Moodle’s LTI Provider – Exploit Details, Impact, and Mitigation
A significant security vulnerability (CVE-2022-45152) was discovered in Moodle, the widely used open-source learning management system. This bug is a Blind Server-Side Request Forgery (SSRF)