NodeBB Vulnerability Could Lead to RCE

Researchers have recently discovered critical flaws in the open source forum platform NodeBB that might allow attackers to steal sensitive information and gain access to admin accounts. On GitHub, NodeBB is…
Cisco BPA & WSA Flaw

A set of high-severity privilege-escalation vulnerabilities affecting the BPA application and WSA could allow authenticated, remote attackers to access sensitive data or take over a targeted system by sending crafted HTTP messages.…
GitLab fixes Critical Vulnerabilities

GitLab is a web-based DevOps lifecycle platform from GitLab Inc., available under an open-source license, that offers wiki, issue tracking, and continuous integration and deployment pipeline capabilities. GitLab fixed many…
MS EDGE XSS Vulnerability

Microsoft rolled out updates for the Edge browser with fixes for two security issues, one of which concerns a security bypass vulnerability that could be exploited to inject and execute…

CISCO ASA Vulnerability goes wild

Hackers are scanning for and actively exploiting a vulnerability in Cisco ASA devices, tracked as CVE-2020-3580, after a PoC exploit was published. The Cisco ASA vulnerability is cross-site scripting…
SIP Abused with XSS

The SIP communications protocol can be abused to perform cross-site scripting (XSS) attacks. SIP, a technology used to manage communication across services including VoIP, audio, and instant messaging, can be used…
HTML Sanitization

Google, Mozilla, and security firm Cure53 have come together to develop an application programming interface (API) that provides a systematic solution to HTML sanitization which will prevent XSS attacks without the…