How Mexico's ‘CJNG’ Drug Cartel Embraced AI, Drones, and Social Media

Drug kingpin Nemesio “El Mencho” Oseguera Cervantes may be dead, but the Jalisco cartel he ran for years will likely outlive him—thanks, in part, to the criminal group’s embrace of technology...

CVE-2024-42055

Cervantes through 0.5-alpha allows stored XSS...

CVE-2024-42054

Cervantes through 0.5-alpha accepts insecure file uploads...

CVE-2024-42055

Cervantes through 0.5-alpha allows stored XSS...

CVE-2024-42054

Cervantes through 0.5-alpha accepts insecure file uploads...

CVE-2024-42054

Cervantes through 0.5-alpha accepts insecure file uploads...

CVE-2024-42055

Cervantes through 0.5-alpha allows stored XSS...

CVE-2024-42054

Cervantes through 0.5-alpha accepts insecure file uploads...

PT-2024-29715 · Cervantes · Cervantes

Name of the Vulnerable Software and Affected Versions: Cervantes versions through 0.5-alpha Description: The issue allows stored XSS. There is no information about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. Recommendation...

CVE-2024-42054

Cervantes through 0.5-alpha accepts insecure file uploads...

CVE-2024-42055

Cervantes through 0.5-alpha allows stored XSS...

CVE-2024-42055

Cervantes through 0.5-alpha allows stored XSS...

Cervantes 安全漏洞

Cervantes is an open source collaboration platform designed for Pentester and Red Teams by Cervantes Open Source. A security vulnerability exists in Cervantes 0.5-alpha and earlier versions that stems from accepting insecure file uploads...

CVE-2024-42055

CVE-2024-42055 affects Cervantes up to version 0.5-alpha and involves a stored XSS vulnerability. Affected component details are not expanded beyond this description in the provided sources. The PT-2024-29715 notice suggests upgrading to a version that includes a fix, but no specific patched vers...

CVE-2024-42054

CVE-2024-42054 affects Cervantes up to version 0.5-alpha, where the product accepts insecure file uploads. The connected documents confirm the core issue is insecure file upload handling, but do not provide concrete technical details (e.g., affected components, exact vectors, or patch versions). ...

Cervantes 安全漏洞

Cervantes is an open source collaboration platform designed for Pentester and Red Teams by Cervantes Open Source. A security vulnerability exists in Cervantes 0.5-alpha and earlier versions that stems from the presence of a stored cross-site scripting vulnerability...

PT-2024-29714 · Cervantes · Cervantes

Name of the Vulnerable Software and Affected Versions: Cervantes versions through 0.5-alpha Description: The issue allows for insecure file uploads. Recommendations: For versions through 0.5-alpha, consider restricting file upload functionality until a secure version is available. As a temporary...

cvc.cervantes.es Cross Site Scripting vulnerability OBB-3888816

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

cvc.cervantes.es Cross Site Scripting vulnerability OBB-3876446

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

cvc.cervantes.es Cross Site Scripting vulnerability OBB-3451024

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...