-
As reported by Detectify:
```
Cross Site Scripting (XSS)
http://pulsir.eu/p.php?id=405'"%20dtfy%20>-->1B24TnTTC0TqEf8E
critical
Cross Site Scripting (XSS)
http://pulsir.eu/topic/?view=reply515'"%20…
```
-
The Form should be protected against CSRF.
From a glance at the Code I am also not convinced that "eater-id" is checked against the actual authentication, but I may be missing an "interceptor" concep…
-
Hello,
We are conducting research on the unintended exposure of secrets in GitHub repositories. In a recent scan we conducted of GitHub repositories, our tool detected that one of your repositories …
-
Hello,
We are conducting research on the unintended exposure of secrets in GitHub repositories. In a recent scan we conducted of GitHub repositories, our tool detected that one of your repositories …
-
The "site_url" in the comment field is vulnerable to XSS. Since I already have a fork of your project which has diverged a bit you won't get a pull request - sorry. But you can fix it by replacing line…
-
In case a user of growl does something like `growl.error(errorMessageWithUserInput)` then the client becomes vulnerable to injection and XSS. This way an evil hacker can read cookies and send it to e…
-
```
(+) 1 vulnerabilities found
┌───────────────┬───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────…
```
-
Hi.
Our pentesters discovered a Cross Site Scripting vulnerability that I was able to trace back to pqselect.
If you set one of the option's names in multiselect to something like that:
```
somevalu…
```
-
Hello,
I have been trying to reach you through siteditor website's contact form for the past few weeks, without success.
Since it doesn't seem that GitHub currently supports private issues, plea…
-
Bump the version in the Gemfile