-
- Site: [https://localhost:5000](https://localhost:5000)
- Site: [http://localhost:5000](http://localhost:5000)
**New Alerts**
- **Path Traversal** [6] total: 1:
- [http://localhost:5000/a…
-
**Version**: 6.0.7
**Vuln**: CORS Misconfiguration
**PoC**
```python
from flask import Flask, jsonify, send_from_directory
app = Flask(__name__)
@app.route('/')
def serve_html():
r…
-
### 提交检查
- [X] 我已经搜索过 Issues,没有找到类似问题
- [X] 我已经使用[百度](https://www.baidu.com)或[谷歌](https://www.google.com)搜索过,没有找到类似问题
- [X] 我已经检查过[常见问题](https://github.com/monlor/docker-xiaoya/blob/main/Questions.md…
-
Tracking issue for:
- [ ] https://github.com/GrimalDev/whatsmyiris/security/code-scanning/4
# Possible solution
- [Article about tracing cookies](https://cheatcode.co/tutorials/how-to-impleme…
-
- Site: [https://172.17.0.1](https://172.17.0.1)
- Site: [http://172.17.0.1](http://172.17.0.1)
**New Alerts**
- **Absence of Anti-CSRF Tokens** [10202] total: 2:
- [http://172.17.0.1/admi…
-
- Site: [https://itvr-backend-dev.apps.silver.devops.gov.bc.ca](https://itvr-backend-dev.apps.silver.devops.gov.bc.ca)
**New Alerts**
- **Content Security Policy (CSP) Header Not Set** [10038] t…
-
I have followed your setup guide to a single node Server Instance just like in the docs. The only thi I added was the IP-Address of the Ubuntu 22.04 VM where Wazuh should reside.
After that, the in…
-
Seeing a bug with csv or text alerts on 3.0.0rc1, which were working fine on 2.1.0.
PNG is working …
-
According to RFC6347:
**4.2.1 Denial-of-Service Countermeasures**
If a server receives a ClientHello with an invalid cookie, it SHOULD treat it the same as a ClientHello with no cookie. This avoids …
-
```
In the dangerous eval lesson for WebGoat 5.4, the instructions say to alert
document.cookie to solve the lesson. Firefox and IE prevent the cookie from
being displayed but do not prevent the so…