-
The default behaviour of toastr is that HTML displayed is not encoded.
So this code causes a browser popup:
var msg = 'Hello alert("Danger!")';
toastr.success("Example Message " + ms…
-
Vulnerable Library - bootstrap-3.3.7.jar
WebJar for Bootstrap
Library home page: http://webjars.org
Path to dependency file: /pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org…
-
Vulnerable Library - spring-boot-starter-validation-2.7.1.jar
Path to dependency file: /pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/boot/spring-boot-aut…
-
Using a vulnerability scanner to scan a system running Nexus version 3.67.1-01 or lower will pick up two issues.
1) HTTP TRACE Method Enabled
```
ID http-trace-method-enabled Published Nov 1, 2…
-
I wanted to use `anchore/sbom-action` with the `dependency-snapshot` option but since I always use `permissions: read-all` ([related docs](https://docs.github.com/en/actions/using-jobs/assigning-permi…
-
Hello
When I run this, I get the following error.
```
Total of 11 URLs
PASS: Cookie No HttpOnly Flag [10010]
PASS: Cookie Without Secure Flag [10011]
PASS: Incomplete or No Cache-control…
-
Add a plugin that:
1. Takes a list of DOM transitions from a YAML (or something) file;
   1. Should be an array of transitions groups to allow support for multiple snapshots.
2. Plays them;
3. …
-
Vulnerable Library - jsoup-1.14.2.jar
jsoup is a Java library for working with real-world HTML. It provides a very convenient API for fetching URLs and extracting and manipulating data, using the be…
-
Vulnerable Library - esapi-2.1.0.1.jar
The Enterprise Security API (ESAPI) project is an OWASP project
to create simple strong security controls for every web platform.
Security cont…
-
Vulnerable Library - bootstrap-3.3.7.jar
WebJar for Bootstrap
Library home page: http://webjars.org
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /m2/repository/org/webjars/b…