-
# Summary
SeaCms V12.9 contains multiple stored XSS vulnerabilities originating from insufficient filtering of several configuration variables in data.php related to `$yzm`. These vulnerabilities can…
-
I get the editor has a preview feature but what I'm after is if it offers a function to just output the markdown to HTML. Much like editing a blog post saving the markdown to the database then renderi…
-
Vulnerable Library - bootstrap-3.3.7.jar
WebJar for Bootstrap
Library home page: http://webjars.org
Path to dependency file: /pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org…
-
CWE 89
-
Situation:
From time to time, triage will close XSS reports as dupes based on input rather than output (so when e.g. a `name` input is echoed in entirely different pages/functionalities, they will clos…
-
There is a Reflective XSS vulnerability when a user views the survey result. The failure of the XSS filter to work properly resulted in this vulnerability, which allows remote attackers to inject arbitra…
-
That should make the tests more solid, since as I'm reading it, the way to check if jPurify is working is to run it and confirm that no popup test is running (right?)
Are there tests that show those …
-
### **Summary**
This report contains the CSRF and XSS vulnerabilities found in electerious' Lychee. And there is a relationship between them.
First, an attacker can trick an administrator into openi…
-
SourceBans++ web panel has inadequate [XSRF](https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)) protection. Administrators that are coerced or inadvertently exposed to malicious code m…
hctim updated
5 years ago
-
Hello Rene,
👍 Nice work! In order to learn web security, we have to learn the basics of web development. Because web development isn't the goal of this course, everyone will receive the same UI score…