-
**Describe the bug**
I am testing Authentik with LDAP federation using a TLS-only openLDAP. The LDAP server runs on Debian Bookworm with a normal TLS setup, a valid LE cert, TLS 1.2+, etc.
The A…
-
# helmet.js
- 웹 서버에 대한 악성적인 공격이 뭐가 있을까?
```jsx
const express = require("express");
const helmet = require("helmet");
const app = express();
app.use(helmet());
// ...
```
```jsx
/…
-
### Pitch
Version number information from lib/mastodon/version.rb is currently displayed to web site visitors, and via the API. I'd rather not advertise the version number of Mastodon that I'm runn…
-
spin-off from https://github.com/OWASP/ASVS/issues/1916 "Discussion/Proposal 1"
The [summary](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-browser-based-apps#section-6.3.3.3) for browser …
-
Hello,
I'm trying to use OOD to connect to a custom HTTPS server using the reverse proxy feature.
While it works very well for unsecure web servers (HTTP), with the SSL layer I'm getting the follo…
-
Vulnerable Library - spring-boot-starter-web-3.1.2.jar
Path to dependency file: /server/build.gradle
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframe…
-
I am trying to run react 16.14.0 app using af-react-rendere and not able to run
followed same steps in https://opensource.adobe.com/aem-forms-af-runtime/storybook/?path=/story/adaptive-form-…
-
[Local Storage is insecure](https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/HTML5_Security_Cheat_Sheet.md#local-storage) and shouldn't be used for storing sensitive information.
Sto…
-
I'm using ubutu 20, nodejs 8.17. After installing the dependencies I install the stf globally by 'npm install -g @devicefarmer/stf', then I can run stf successfully and connect one device.
Here is …
-
Hi there,
I was looking at the Dockerfile and noticed that the app root is at `/root`, I'm not exactly sure why one would think of putting it there, but that seems like not the greatest design deci…