-
If you grant write permissions to all in the imgs folder (where the png files are generated), a non-privileged user can install a symlink under the directory and target sensitive data, then read the d…
ghost updated
7 years ago
-
The Login page leaks quite some information that I rather not, such as:
1. in `div#login-details` and in the document `title`- the server `hostname` (can be different than the domain or IP used to ac…
-
I use the web UI or TypeScript client to connect to EdgeDB, but I am troubled by the issue of how to prevent modifying apply_access_policies to false, which would cause the policies to fail and result…
-
The CreateFile and CreateNamedPipe audit events from the winapi module appear to be returning garbage instead of the names. There's potential for buffer overreads and/or information leakage.
### Lin…
zooba updated
1 month ago
-
Listing files across zones can show filesystem information from the remote zone (aka full physical paths):
```
[user@bioapps ~]$ ils -L /OtherZone/0685/
/OtherZone/0685:
irods_otherzone 0 …
-
- [ ] Breakage: The part or the entire website is broken.
- [x] Never Consent: A cookie popup is appearing.
- [ ] Leftover: The part of the website is empty.
- [ ] Ads: I can see advertisements on …
-
- [X] Basic UI
There is a dual problem related to basic auth implementation within basic ui:
* low security vuln: information leakage
* missing http Authorization header in basicui resu…
-
**Describe the bug**
Privacy leakage in app/asset-transfer-private-data/chaincode-go/chaincode/asset_transfer.go
**To Reproduce**
1. Deploy asset_transfer.go, along with the PDC definition.
2. I…
-
This feature request is to ask for a kind of a "filtered view" allowing the user to choose a more restrictive view of the data he sees. The reasoning is that you might be using your own account to do …
-
In the url address, accessToken directly appears after the url, resulting in information leakage of the token on the Router. And this API returns all the configuration information.
I already saw ac…