The vulnerabilities rated critical have been described as a “file upload allow list bypass” that can lead to arbitrary code execution, and an SQL injection flaw that can provide an attacker read or write access to the targeted store’s database. However, exploitation of these vulnerabilities requires admin privileges, which means they need to be chained […]
Posts Tagged ‘Cross-site Scripting’
Israel-based security researcher Zohar Shachar discovered the vulnerability in April 2019 and it was patched a few weeks later, but he only now disclosed his findings. The flaw affected the Google Maps feature that allows users to create their own map. These maps can be exported in various formats, including Keyhole Markup Language (KML), a […]
Tutanota, an email service dedicated to providing secure message exchange, has admitted to a cross-site scripting (XSS) security flaw that allowed a threat actor to manipulate the email subject when sending it to another address in the service. By tricking the user into forwarding the email, JavaScript code could be executed in the context of […]
THURSDAY, APRIL 25, 2024
WHITE PAPERS
Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...
ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...
Latest Comments