-
Hey @MarcinHoppe and team,
I'm Cesar, nice to meet you! I really like the Serverless Top 10 Project. I've been thinking about creating a PR with a new version corresponding to the OWASP 2021, but I…
-
### **Summary**
There is a significant Stored Cross-Site Scripting (XSS) vulnerability identified in dzzoffice 2.02.1 SC UTF8. This vulnerability allows the upload of XML files through Ueditor's uplo…
-
## CVE-2022-24999 - High Severity Vulnerability
Vulnerable Library - qs-6.5.2.tgz
A querystring parser that supports nesting and arrays, with a depth limit
Library home page: https://registry.npmjs.…
-
# Summary
Ecshop 3.6 is susceptible to a reflected XSS attack.
The flaw exists due to improper handling and concatenation of user-supplied input in the construction of HTML form elements, leading to…
-
## CVE-2019-14322 - High Severity Vulnerability
Vulnerable Library - Werkzeug-0.15.4-py2.py3-none-any.whl
The comprehensive WSGI web application library.
Library home page: https://files.pythonhoste…
-
## CVE-2018-20190 - Medium Severity Vulnerability
Vulnerable Library - node-sass-7.0.1.tgz
Wrapper around libsass
Library home page: https://registry.npmjs.org/node-sass/-/node-sass-7.0.1.tgz
Path t…
-
# Summary
A stored XSS vulnerability exists in Yapi 1.10.2 (2021-10-13) which allows attackers to execute arbitrary HTML code.
# Details
In the advanced expectation, the user can execute any HTML c…
-
Hello maintainer(s),
I am a security researcher from the Institute of Application Security at TU Braunschweig, Germany. We discovered a (potential) security vulnerability in your project.
We wo…
-
## CVE-2023-27539 - High Severity Vulnerability
Vulnerable Library - rack-2.2.3.gem
Rack provides a minimal, modular and adaptable interface for developing
web applications in Ruby. By wrapping HTTP…
-
### Application contact emails
achantavy@lyft.com, ramonp@lyft.com
### Project Summary
Cartography builds a self-maintaining map of your infrastructure.
### Project Description
Cartography consol…