-
# Daily Security News (2023-08-12)
- HackerOne Hacker Activity
- [ ] [fs.mkdtemp() and fs.mkdtempSync() are missing getValidatedPath() checks.](https://hackerone.com/reports/2037887)
- [ ] [Permission model by…
-
# Daily Security News (2023-06-17)
- HackerOne Hacker Activity
- [ ] [Logging in without knowing credentials after logged out action](https://hackerone.com/reports/1971610)
- [ ] [CSRF with logout action](http…
-
## First Steps
| Software | Version |
|------------------|---------------------------|
| BeEF Version | 0.5.4.0 (using git clone) |
| Ruby Version | 3.0.2p107 …
-
**Describe the bug**
No visual error output if GraphQL introspection is not allowed on the webserver
**To Reproduce**
Steps to reproduce the behavior:
1. Go to inQL scanner
2. Paste the URL
3.…
-
Thanks for keeping it open source.
On macOS, semgrep is installed using brew
![image](https://user-images.githubusercontent.com/43405092/214377615-c056faae-c1aa-4d02-9b9b-303e6ff1a989.png)
B…
-
I'm having an issue where some labels are still being targeted, even if I'm using the --ignore flag. For example, I set "microsoftonedrive-deferred" to be ignored, yet Outlook is tied to that applicat…
-
Hello,
Thank you for the awesome tool, but is there any way of making DEBUG requests work on jdk17+? I have tried both `iis_shortname_scanner_jdk7.jar` and `iis_shortname_scanner.jar` but there i…
-
### Jenkins and plugins versions report
Environment
```text
Jenkins: 2.401.1
OS: Linux - 5.10.179-171.711.amzn2.x86_64
Java: 11.0.19 - Amazon.com Inc. (OpenJDK 64-Bit Server VM)
---
…
```
-
During routine vulnerability testing, our security team found an XSS vulnerability within the Adaptable Theme plugin. It appears the adaptable theme is too trusting of user data that is input into th…
-
open
https://buff.163.com/
![screenshot](https://user-images.githubusercontent.com/92842117/156866348-89136d0f-9204-4029-bc69-b6a8f67ac07b.jpg)
Chinese character garbled when html charset=utf-…