-
Input Validation & Sanitization: Ensure all user inputs are validated and sanitized to prevent attacks like SQL injection and XSS.
Secure Environment Variables: Move sensitive information (API keys…
-
**Reported by da2ce7 on 17 Mar 2012 02:45:10 UTC**
In the current version of KVIrc, the program will blindly connect to the same server with a different SSL certificate. (Identified by its Fingerprin…
-
### Issue Summary
Rohit reported another security issue:
----
Target URL: https://app.formbricks.com/auth/forgot-password
Vulnerability Type: User Email Enumeration
Severity: Medium
De…
-
- [Mass Exit Attacks on Lightning Network](https://arxiv.org/pdf/2208.01908)
- [Replacement Cycling Attack on the Lightning Network](https://github.com/ariard/mempool-research/blob/2023-10-replacem…
-
- Site: [https://owasp.org](https://owasp.org)
**New Alerts**
- **Application Error Disclosure** [90022] total: 1:
- [https://owasp.org/www-community/Improper_Error_Handling](https://owasp.o…
-
### Issue Summary
The department of health in Hong Kong reported the following issue:
**Content Security Policy (CSP) Header Not Set**
```
Content Security Policy (CSP) is an added layer…
```
-
**As a** service provider
**I need** my service to use security headers and CORS policies
**So that** my web site is not vulnerable to CORS attacks
#### Assumptions
* Flask-Talism…
-
The following API in `server\src\api\public\auth.ts` is vulnerable to timing attacks:
```typescript
router.post("/auth/magic-link",
validateBody(MagicLinkPayloadSchema),
(req, res) => {
…
```
-
Title: US-22
Priority: 5 Low
Estimation: 5
Risk: Low
Requirement: FR22
### User Story
As a user, I want the system to validate external links, so that I can avoid potential security risks from mal…