-
The masking is good, but there are a number of parts of the portal where you could mouse over the obscured text and Azure dutifully discloses the obscured portion through a tooltip.
Everywhere that…
-
**PLATFORM and OS or BROWSER:**
Online Firefox
**DCSS VERSION AND GAME INFORMATION:**
0.31-a0-233-g139696dc86
**DESCRIPTION:**
By excluding empty space, the game appears to leak information …
-
Hello!
Found a site online that leaks the username/password for Proton accounts. Please take action.
https://bugmenot.com/view/protonmail.com
Please contact their team with a request to exclude…
-
**Describe the bug**
Full contact detail are present within the debug log.
> 09-20 17:13:45.489 17669 19640 V RealImapConnection: From: John Doe
> 09-20 17:13:45.489 17669 19640 V RealImapConnec…
-
More info on
https://docs.google.com/document/d/1elDrbtYjHyMpLSzUMtd3MUz0G5fPyULQGz9TGWJb6kE/edit
-
Your Turn! leaks information that is intentionally hidden in a couple ways.
1. The name in the banner is revealed, regardless of if the name of that token is actually visible to the player. If it's n…
-
The role of the Gateway Resource in reliable OHTTP is to decrypt the Encapsulated Request and forward it to the Target Resource. We should probably say something about the privacy risk of using the de…
-
We should remove any sensitive information from log messages, which includes eg secrets for static configuration of authentication methods that use secrets.
Consider this log message, printing info…
-
At the moment some (default) plugins allow outsiders to get information about users in closed or secret channels. This should not be possible. For example the seen command of the Seen plugin returns t…
-
_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)._
**Security Policy Violation**
Project is out of compliance with Dangerous Workflow policy: dangerous workflow pa…