CVE-2022-36368 - Exploiting Multiple Stored Cross-Site Scripting Vulnerabilities in IPFire < 2.27
CVE-2022-36368 is a set of stored Cross-Site Scripting (XSS) vulnerabilities found in IPFire’s web user interface for versions prior to 2.27. These bugs
CVE-2022-43015 - Exploiting a Reflected XSS Vulnerability in OpenCATS v.9.6 (`entriesPerPage`)
OpenCATS is a popular open-source Applicant Tracking System (ATS) used by many organizations for recruitment management. In October 2022, a security issue surfaced in version
CVE-2022-3608 - Stored Cross-site Scripting (XSS) Vulnerability in phpMyFAQ Prior to 3.2.-alpha
If you use the open-source FAQ software phpMyFAQ, you need to know about CVE-2022-3608. This vulnerability allows attackers to exploit stored Cross-site Scripting (XSS) issues
CVE-2022-2527 - Arbitrary Content Injection in GitLab Incident Timelines – How it Worked, and Why it Mattered
In the world of version control and DevOps, GitLab is huge. It runs major codebases, automates processes, and tracks code incidents for thousands of companies.
CVE-2022-32149 - How a Malicious Accept-Language Header Can Bring Down Your Go Server
When we think of web application attacks, we often picture SQL injections or XSS. But sometimes, the mildly boring headers we ignore can open up