CVE-2024-10318 - Session Fixation Flaw in NGINX OpenID Connect Reference Implementation Explained
In early 2024, a critical security vulnerability—CVE-2024-10318—was identified in the NGINX OpenID Connect reference implementation. If you use NGINX with OIDC, or maintain
CVE-2024-48910 - DOMPurify Prototype Pollution Vulnerability Explained (With Example Exploit Code)
_DOMPurify_ is one of the most trusted XSS (Cross-Site Scripting) sanitizers for web developers, used by thousands of websites to clean up user-generated HTML, SVG,
CVE-2024-50578 - Stored XSS in JetBrains YouTrack Agile Boards - Deep Dive and Exploitation
In June 2024, security researchers uncovered a Stored Cross-Site Scripting (XSS) vulnerability in JetBrains YouTrack, a popular issue and project tracking tool. Assigned the ID
CVE-2024-50580 - XSS Exploits in JetBrains YouTrack Before 2024.3.47707 — Deep Dive & Exploit Walkthrough
JetBrains YouTrack is a popular issue tracking and project management tool, widely used by teams for managing bugs and project workflows. However, in versions before
CVE-2024-8312 - How a Simple Search Box Let Attackers Run Code in GitLab—Understanding & Exploiting the Global Search XSS Bug
On June 2nd, 2024, the GitLab security team published an advisory about a serious Cross-Site Scripting (XSS) vulnerability affecting the popular code collaboration service, GitLab