CVE-2022-42956 - PassWork Extension 5..9 Flaw Exposes Master Password
In late 2022, a worrying vulnerability was discovered in the widely-used PassWork password manager browser extension, version 5..9. This security flaw (CVE-2022-42956) affects Chrome
CVE-2022-3873 - DOM-based Cross-site Scripting (XSS) in draw.io Before 20.5.2 – How It Happened, How It Works, and Why It Matters
Open-source diagramming tools like draw.io are a staple for individuals and businesses worldwide. But with popularity comes risk: security vulnerabilities can affect countless users.
CVE-2022-3462 - How a WordPress Highlight Focus Plugin Flaw Can Unleash High-Privilege Stored XSS – Exploit & Analysis
WordPress plugins boost convenience and creativity for site admins. But sometimes, even handy tools can hide dangerous bugs. CVE-2022-3462 is one such flaw, affecting the
CVE-2022-43562 - Understanding and Exploiting the Splunk Host Header Vulnerability
Splunk Enterprise is used by thousands of organizations to collect, index, and analyze machine-generated data. In late 2022, a critical vulnerability was discovered and tracked
CVE-2022-43568 - Exploiting Reflected XSS in Splunk Enterprise Using JSON and output_mode=radio
Splunk Enterprise is a popular tool used by thousands of companies worldwide to search, analyze, and visualize data. But even widely used, respected software can
Episode
00:00:00
00:00:00