-
As a user, I'd like to be able to add web links to my cards.
I should be able to click them, and have the link open in my default browser.
## ⚠️ Security Note
Implementing this incorrec…
-
### What feature?
The application currently lacks a Content Security Policy (CSP), which increases the risk of cross-site scripting (XSS) and other injection attacks. Implementing a CSP is essential …
-
# Summary
A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in SeaCms V12.9.
Multiple reflective XSS vulnerabilities were discovered in `\js\player\dmplayer\play\index.ph…
-
Sessions on SQL injection:
- will need to create interface to inject with
- do basic attacks, 1=1, union
- possibly find online resource to do sqlmap?
Sessions on XSS:
- need to create web pag…
-
### Describe the bug
There is a moderate vulnerability on `@refinedev/cli@2.16.38`
```sh
send
-
- Site: [https://172.17.0.1](https://172.17.0.1)
- Site: [http://172.17.0.1](http://172.17.0.1)
**New Alerts**
- **SQL Injection - MySQL** [40019] total: 1:
- [http://172.17.0.1/login.php]…
-
-
Use ngSanitize to help combat this
-
Hi,
it seems there is a JavaScript Injection / XSS vulnerability in org.apache.poi.xwpf.converter.xhtml.XHTMLConverter when converting .docx to .html due to insufficient output encoding of class na…
-
```
What steps will reproduce the problem?
1. File Include
In the file storedoc.cgi
File read: /etc/passwd
In the GET parameter DU, reading the file file:///etc/passwd
/kurgan/cache?CS=UTF-8&CT=text/html&DM=S…