CVE-2024-8312 - How a Simple Search Box Let Attackers Run Code in GitLab—Understanding & Exploiting the Global Search XSS Bug
On June 2nd, 2024, the GitLab security team published an advisory about a serious Cross-Site Scripting (XSS) vulnerability affecting the popular code collaboration service, GitLab
CVE-2023-32193 - Unauthenticated Cross-Site Scripting (XSS) in Norman’s Public API—Explained with Exploit Example
In early 2023, security researchers uncovered CVE-2023-32193, a serious vulnerability in Norman’s public API. This bug allows unauthenticated attackers to inject malicious JavaScript on
CVE-2024-21218 - Crashing MySQL Server via InnoDB Vulnerability
Oracle recently addressed a significant vulnerability—CVE-2024-21218—in its MySQL Server product. This flaw resides specifically in the InnoDB storage engine. Let’s break down
CVE-2024-9906 - Exploiting Reflected XSS in SourceCodester Online Eyewear Shop 1. – What You Need to Know
Recently, a new vulnerability has been discovered in the SourceCodester Online Eyewear Shop version 1.. Tracked as CVE-2024-9906, this issue is particularly concerning because it
CVE-2024-9696 - Exploiting Stored XSS in Rescue Shortcodes WordPress Plugin — Technical Deep Dive
On March 18, 2024, security researchers published details for a new vulnerability — CVE-2024-9696 — affecting the popular Rescue Shortcodes WordPress plugin. This vulnerability, which affects all