-
# Summary
ThinkSAAS version 3.7.0 contains multiple stored Cross-Site Scripting (XSS) vulnerabilities.
These vulnerabilities occur due to the lack of proper filtering of input variables in the `app…
-
We have recently discovered some XSS vulnerabilities in osCommerce v4 as follows. Could we ask if it would be possible to make them public?
1. Multiple cross-site scripting (XSS) vulnerabilities al…
-
### Is there an existing issue for this?
- [X] I have searched the existing issues
### What happened?
Hello Project Admin,
Allowing special characters in password fields is essential for cre…
-
👋 This dashboard summarizes my activity on the repository, including available improvement opportunities.
## Recommendations
_Last analysis: Jun 09 | Next scheduled analysis: Jun 16_
### Open
- h…
-
URL :
https://www.humanprotocol.org/
Bug :
Unsafe security header: Content-Security-Policy
EVIDENCE :
Response headers include the HTTP Content-Security-Policy security header with the following se…
-
code is hosted [here](https://cartcheese.glitch.me)
-
**Hacking Team**
[http://wmvrpbarmnghd5oloyzxfnl6nt537hj2bhcjwt3cxvs25vuy42yxj2id.onion/](http://wmvrpbarmnghd5oloyzxfnl6nt537hj2bhcjwt3cxvs25vuy42yxj2id.onion)
**Hacking Group**
[http://hack6dme…
-
Gemini Nano weights from Google Chrome are on [HuggingFace](https://huggingface.co/wave-on-discord/gemini-nano). You can run the inference using this model with [MediaPipe LLM inference](https://githu…
-
### Current behavior
The check says that Keycloak is vulnerable
### Expected behavior
No warning for fixed versions
### Motivation for change
It's not working as expected
### Environm…
-
I believe that a module to identify parameters and possible injection points, along with testing different payloads and checking responses could help find XSS's and this would be very useful for the s…