-
If an attacker is able to inject a `NEL` header that requests that `Cookie` headers be sent in the `request_headers` report field, then any HttpOnly cookies could also be stolen, which would not be po…
-
### Description
`secf_check_sqli_all();` blocks requests when a single quote is present in the From name:
```
From: "O'Reilly" ;tag=abcd
```
Since single quotes are frequent in names.
It makes…
-
Based on the design of #1716, implement a toolkit item for use by multiple archetypes.
Subtasks:
- [x] Figure out header code injection via cycpp.h files
- [ ] Make facility_cost_manager, institution_cost…
-
- Site: [https://owasp.org](https://owasp.org)
**New Alerts**
- **PII Disclosure** [10062] total: 5:
- [https://owasp.org/www-project-zezengorri-code/](https://owasp.org/www-project-zezengor…
-
- Site: [http://localhost:5000](http://localhost:5000)
**New Alerts**
- **Content Security Policy (CSP) Header Not Set** [10038] total: 11:
- [http://localhost:5000](http://localhost:5000)
…
-
## CVE-2020-26137 - Medium Severity Vulnerability
Vulnerable Library - urllib3-1.21.1-py2.py3-none-any.whl
HTTP library with thread-safe connection pooling, file post, and more.
Library home page: h…
-
Steps to reproduce:
1. Create an empty GO
2. Right-click it into a collection
3. Ctrl+z
4. ...
5. cry... :(
-
**Total: 24 (HIGH: 24, CRITICAL: 0)**
| Library | Vulnerability | Severity | Status | Installed Version | Fixed Version | Title | Link …
-
**Is your feature request related to a problem? Please describe.**
We have many levels under JWT Vulnerability https://github.com/SasanLabs/VulnerableApp/blob/master/src/main/java/org/sasanlabs/servi…