-
Dear reader(s),
I have found a vulnerability in the code.
Can you please share the contact details to report a vulnerability I have found or enable the security policy so that I can file a report?…
-
Remember, an issue is not the place to ask questions. You can use our [Slack channel](https://github.com/OWASP/www-project-top-10-for-large-language-model-applications/wiki) for that, or you may want …
-
In order for us to update the JAB on our compliance in a consistent way, we need to run Continuous Monitoring scans on approximately the 23rd of the month. (If this date falls on a weekend or federal …
-
### What happened?
I was using a 0.3.x version successfully, with Nextcloud as the WebDAV target. After upgrading remotely-save, the connectivity check fails.
In the console, it states, "remote va…
-
Task1 Introduction
===========================
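Each of us uses a variety of programs on our computers. Generally, programs run on our computers and use their processing power and storage. Moreover, to use a program, you first need to install it. If any program could be used without installing it…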
-
We didn't actually do a full risk analysis of eager loading. We did consider some of the obvious impacts, but didn't do a full risk matrix.
## Acceptance criteria
- A Risk matrix is prepared
- The Ri…
-
In https://mas.owasp.org/MASTG/tests/android/MASVS-CODE/MASTG-TEST-0025/
the links at the top are rendered as:
[Testing Deep Links](https://mas.owasp.org/MASTG/tests/android/MASVS-CODE/MASTG-TES…
-
Package `micromatch` is vulnerable to Regular Expression Denial of Service (ReDoS).
The vulnerability occurs in `micromatch.braces()` in `index.js` because the pattern `.*` will greedily match anyt…
-
## GSoC 2023 Ideas
We need to propose our ideas for the upcoming GSoC.
They need to be added here: https://owasp.org/www-community/initiatives/gsoc/gsoc2023ideas
fzipi updated
5 months ago
-
### Description
`$this->redirect($url)` allows one to redirect to any arbitrary URL, which could lead the server to redirect to `hacker.example.com`, especially in sufficiently complex code wh…