-
Malicious users avoid being blocked by tweeting hate, then deactivating their account. A deactivated account cannot be blocked. The user will then simply reactivate, tweet abuse at someone again, then…
-
#### Overview of the Issue
When using the rpm packages as provided by this project during install or upgrade scriptlets present in the package
During installation/upgrade of the rpm packag…
-
### Is there an existing issue for this?
- [X] I have searched the existing issues
### Platform
all
### App version
5.8.1
### Feature
There is currently no way to make it so that nobody is able…
-
"The company helps me protect myself from grief, abuse, and harassment."
I would consider adding criteria for companies to design with an eye towards limiting users' ability to abuse or harass othe…
-
I integrate a lots of data for many clients in PostgreSQL databases.
I use (and abuse) of the backup/restore procedure.
But I need to have a unique name for each dump that I make.
It could be nice…
-
0x52
high
# Malicious user can abuse UpdateCommitment to create commitments for other users
## Summary
UpdateCommitment checks that the original lender is msg.sender but never validates that the o…
-
**Observed behaviour:**
As the OLS core team expands, the guide for reporting abuse of Code of Conduct is also getting larger and slightly confusing.
For a reference - see this line in the [Cataly…
-
Issue found: Intent Redirection
We found that your app contains security vulnerabilities, which can expose user information or damage a user’s device. This is a violation of Device and Network Abus…
-
When creating a poll, items are given as id. This allows anyone to pass all the ids to see what they are.
This could be fixed by doing that when creating a poll:
- If the item belongs to a group: …
-
So, this was caused by emails, which in some instances would ask the DS for
`messages/xxx?include_docs=true&keys=[10000keys]`
We can all agree this is a bug within emails, which will be fixed.
Howe…