CVE-2023-33799 - Deep Dive Into NetBox v3.5.1 Stored XSS in Create Contacts
NetBox is a popular open-source tool for managing IP address spaces and data center resources. But even mature projects can have security holes. In this
CVE-2023-33800 - Stored XSS in NetBox v3.5.1 via Malicious Payload in Regions Name Field
NetBox is a popular infrastructure resource modeling (IRM) tool, widely used by network engineers and data centers. In May 2023, a critical stored cross-site scripting
CVE-2023-2745 - Directory Traversal in WordPress Core – What Happened, How it Works, and Real-World Dangers
WordPress powers over 40% of the web, but that popularity makes it a lucrative target for hackers. In this long read, we’ll break down
CVE-2023-30394 - How a Simple XSS Vulnerability in Progress Ipswitch MOVEit 1.1.11 Exposed Sensitive Data
In 2023, researchers found a critical security flaw in Progress Ipswitch MOVEit version 1.1.11. Labeled as CVE-2023-30394, this vulnerability allowed attackers to perform
CVE-2023-24539 - Unexpected HTML Injection in CSS Contexts via Template Actions – Details, Examples, and Exploit Scenarios
A subtle web application vulnerability, CVE-2023-24539, illustrates how inserting *non-dangerous* characters like angle brackets (< and >) into CSS contexts can unexpectedly open the gate
Episode
00:00:00
00:00:00