3 matches found
maven: Block repositories using http by default
A flaw was found in maven. Repositories that are defined in a dependency’s Project Object Model pom, which may be unknown to users, are used by default resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that...
How to Block HTTP TRACE Method by Using Responder Policy
This article describes how to use responder policy to block http trace method when clients access origin web servers behind lb virtual server...
miniOrange's Malware Scanner < 4.5.2 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfilteredhtml is disallowed for example in multisite setup Put the following payload in the...