CVE-2023-4422 - Stored XSS Vulnerability in Cockpit (Prior to 2.6.3) Exposed & Explained
In late 2023, a security vulnerability identified as CVE-2023-4422 was responsibly disclosed in the popular open-source project Cockpit, a headless CMS that lets you manage
CVE-2023-40350 - Jenkins Docker Swarm Plugin XSS Vulnerability Explained
In August 2023, a critical security flaw (CVE-2023-40350) was discovered in the Jenkins Docker Swarm Plugin. If you use Jenkins with Docker Swarm and haven’
CVE-2023-40346 - Exploiting XSS in Jenkins Shortcut Job Plugin (.4 and earlier) - Simple Explained with Code Example
Jenkins is a popular automation server used for continuous integration and delivery (CI/CD). But sometimes, plugins can introduce security issues. Recently, a critical vulnerability
CVE-2023-40342 - Stored XSS Vulnerability in Jenkins Flaky Test Handler Plugin – Simple Explanation, Exploit Example & Fix
Jenkins is a widely-used automation server popular in CI/CD (Continuous Integration/Continuous Delivery) pipelines. One of its plugins, the Flaky Test Handler, helps teams
CVE-2023-3823 - The Hidden Risks in PHP’s XML Functions – How Leaky Global State Led to File Disclosure
In mid-2023, security researchers uncovered a subtle yet severe vulnerability in PHP, affecting versions 8. (before 8..30), 8.1 (before 8.1.22), and