-
**Reflected_XSS_All_Clients** issue exists @ **root/login.jsp** in branch **master**
*The application's out.println embeds untrusted data in the generated output with println, at line 78 of root\lo…
-
**Reflected_XSS_All_Clients** issue exists @ **root/basket.jsp** in branch **master**
*The application's out.println embeds untrusted data in the generated output with println, at line 141 of root\…
-
**Reflected_XSS_All_Clients** issue exists @ **root/register.jsp** in branch **master**
*The application's out.println embeds untrusted data in the generated output with println, at line 96 of root…
-
Adjacent to #714 / #1218 but splitting off into a separate issue for readability. Note that this issue is not about insecure renegotiation, which is always a failure.
The TLS guidelines say:
…
-
Tracking issue for:
- [ ] https://github.com/2lambda123/cisagov-Malcolm/security/code-scanning/72
-
Tracking issue for:
- [ ] https://github.com/2lambda123/cisagov-Malcolm/security/code-scanning/183
-
Tracking issue for:
- [ ] https://github.com/2lambda123/cisagov-Malcolm/security/code-scanning/186
-
Hi
How can the attack type be displayed to the user as a response on the 403 page?
for example
http://localhost/?id=1+union+select+ # 403 response send message attack detection SQL …
-
**Github username:** --
**Twitter username:** DrippyRobin
**Submission hash (on-chain):** 0x3dea822eb1d8b0d3ca2453fc4137964478d3029aa0f806a73fb0e1a602f8436e
**Severity:** low
**Description:**
**Desc…
-
@NataliItzhak @Tamary @NataliGil @mushon @yuvadm
think of a background story for why are zombies attacking our CSS and cats...
Mindless web-surfers are turning into zombies after wasting too much…