-
We should remove any sensitive information from log messages, which includes eg secrets for static configuration of authentication methods that use secrets.
Consider this log message, printing info…
-
At the moment some (default) plugins allow outsiders to get information about users in closed or secret channels. This should not be possible. For example the seen command of the Seen plugin returns t…
-
_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)._
**Security Policy Violation**
Project is out of compliance with Dangerous Workflow policy: dangerous workflow pa…
-
During inspection and testing of several components, I found many holes and bad practices.
If I have time, I will list them all, but the most important one (and the one that really bugs me) is the…
-
- Site: [http://myolink.info.gf](http://myolink.info.gf)
**New Alerts**
- **Content Security Policy (CSP) Header Not Set** [10038] total: 2:
- [http://myolink.info.gf/](http://myolink.info.g…
-
In production, when required param(s) are omitted from e.g. a POST request, machine's `E_MISSING_OR_INVALID_PARAMS` response will leak information about the API.
E.g.:
```
$ curl http://localho…
-
### Minecraft's Version
1.21 SuperiorSkyblock2-2024.1-b266 (1)
### Plugin's Version
SuperiorSkyblock2-2024.1-b266
### Describe the bug
The console spams me Could not pass eventBlockFromToEvent t…
-
**Reported by anonymous on 9 Aug 2013 22:11 UTC**
Turn off JS and click "Show more" link or visit:
http://demo.plumi.org/++theme++plumi.skin/
-
### Prerequisites
- [X] I have read the [Contributing Guidelines](https://github.com/siemens/ix/blob/main/CONTRIBUTING.md).
- [X] I have not leaked any internal/restricted information like screens…
-
```yaml
cve: CVE-2019-19625
cwe: CWE-200 (Information Exposure)
description: We found that SROS 2, the tools to generate and distribute keys for ROS
2 and use the underlying security plugins of …