Lucene search

283 matches found

Hacker One
added 2020/08/18 8:54 p.m. · 85 views

HackerOne: Recently added 'Country' field doesn't send email notification when changed

Summary: Hi team, This is a small bug report. Actually I think there is no important security issue but I wanted to report it ¯\ツ/¯ If you change your 'Country' information on account settings, HackerOne doesn't send Your profile was recently changed email. Description: There is an email...

AI score 0.2
Exploits 0

CNVD
added 2020/06/22 12:0 a.m. · 2 views

Unspecified Vulnerability in Mattermost Server (CNVD-2020-35448)

Mattermost Server is an open source messaging platform from the US company Mattermost. A security vulnerability exists in Mattermost Server versions prior to 3.8.2, 3.7.5 and 3.6.7. An attacker can exploit the vulnerability to add a forged link to an email notification...

CVSS 4.3 · AI score 6.7 · EPSS 0.00581
Exploits 0 · References 1

Prion
added 2020/06/19 10:15 p.m. · 13 views

Code injection

User is allowed to set an email as a notification email even without verifying the new email in all previous GitLab CE/EE versions through 13.0.1...

CVSS 4 · AI score 4.3 · EPSS 0.00674
Exploits 0 · References 3 · Affected Software 1

Debian CVE
added 2020/06/19 9:37 p.m. · 16 views

CVE-2020-13276

Removed by vendor...

CVSS 7.4 · AI score 5.8 · EPSS 0.00674
Exploits 0

Hacker One
added 2020/03/31 9:12 a.m. · 16 views

DRIVE.NET, Inc.: [www.drive2.ru] Insufficient Security Configurability - Email notification is not being sent while changing passwords

Email notification was not sent while changing passwords. This issue was fixed. Best Practices As recommended practices, Due to missing notification email when changing password, If the password has been maliciously changed, the user will not be able to notice it, so immediate security measures...

AI score 2.2
Exploits 0

Hacker One
added 2020/02/21 6:5 p.m. · 101 views

GitLab: Email notification about login email changed is not received when using verified linked email address

Summary In https://gitlab.com/profile, user can update the email id to use for login to gitlab account using field "Email". Usually, when this login email id is updated, there will be 2 email sent on previous email Id with subjects as. Email 1 - Email Changed:- This tell that login email has been...

AI score 6.7
Exploits 0

OSV
added 2020/01/24 9:15 p.m. · 3 views

UBUNTU-CVE-2020-5225

Log injection in SimpleSAMLphp before version 1.18.4. The www/erroreport.php script, which receives error reports and sends them via email to the system administrator, did not properly sanitize the report identifier obtained from the request. This allows an attacker, under specific circumstances,...

CVSS 5.4 · AI score 5.8 · EPSS 0.00653
Exploits 0 · References 4

OSV
added 2019/09/09 6:15 p.m. · 20 views

CVE-2019-5471

An input validation and output encoding issue was discovered in the GitLab email notification feature which could result in a persistent XSS. This was addressed in GitLab 12.1.2, 12.0.4, and 11.11.6...

CVSS 5.4 · AI score 6.4
Exploits 0 · References 3

UbuntuCve
added 2019/09/09 6:15 p.m. · 26 views

CVE-2019-5471

An input validation and output encoding issue was discovered in the GitLab email notification feature which could result in a persistent XSS. This was addressed in GitLab 12.1.2, 12.0.4, and 11.11.6...

CVSS 5.4 · AI score 6.1 · EPSS 0.00789
Exploits 1 · References 2

Prion
added 2019/09/09 6:15 p.m. · 20 views

Input validation

An input validation and output encoding issue was discovered in the GitLab email notification feature which could result in a persistent XSS. This was addressed in GitLab 12.1.2, 12.0.4, and 11.11.6...

CVSS 3.5 · AI score 5.2 · EPSS 0.00789
Exploits 1 · References 3 · Affected Software 1

Cvelist
added 2019/09/09 5:47 p.m. · 32 views

CVE-2019-5471

An input validation and output encoding issue was discovered in the GitLab email notification feature which could result in a persistent XSS. This was addressed in GitLab 12.1.2, 12.0.4, and 11.11.6...

AI score 5.1 · EPSS 0.00789
Exploits 1 · References 2

CVE
added 2019/09/09 5:47 p.m. · 63 views

CVE-2019-5471

CVE-2019-5471 concerns an input validation and output encoding flaw in GitLab’s email notification feature that could yield a persistent XSS. The issue affects GitLab’s email notifications (notably in merge-request and repository push emails) where unsanitized values (e.g., branch names) could be...

CVSS 5.4 · AI score 5.1 · EPSS 0.00789
Exploits 1 · References 3 · Affected Software 1

Debian CVE
added 2019/09/09 5:47 p.m. · 19 views

CVE-2019-5471

Removed by vendor...

CVSS 5.4 · AI score 6 · EPSS 0.00789
Exploits 1

Positive Technologies
added 2019/09/09 12:0 a.m. · 5 views

PT-2019-17694 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 11.11.6; GitLab versions prior to 12.0.4; GitLab versions prior to 12.1.2. Description: An issue with input validation and output encoding was found in the email notification feature, potentially leading to a persistent...

CVSS 5.4 · AI score 5.3 · EPSS 0.00789
Exploits 1 · References 7

Hacker One
added 2019/08/08 2:35 a.m. · 55 views

HackerOne: [Bypass #645264] Report title disclosure despite the program settings for email notification is set to "No Content"

Hi Team, Summary: There is newly disclosed resolved report Program Email Nofication settings ignored when being added as an external contributor, However i found that the fix is incomplete. I have found that email invitation for a collaborator bounty splitting still disclosing the Report title in...

AI score 0.9
Exploits 0

Hacker One
added 2019/07/16 3:52 p.m. · 22 views

HackerOne: Program Email Nofication settings ignored when being added as an external contributor

Summary: When being added as an external contributor to a report, the report title are displayed in the email notification despite the program email notification settings being set to No Content Description: Hey team! I noticed that programs have the ability to set their Email Notification...

AI score 0.6
Exploits 0

FreeBSD
added 2019/04/29 12:0 a.m. · 48 views

Gitlab -- Multiple vulnerabilities

Gitlab reports: Moving an Issue to Private Repo Leaks Project Namespace; Notification Emails Sent to Restricted Users; Unauthorized Comments on Confidential Issues; Merge Request Approval Count Inflation; Unsanitized Branch Names on New Merge Request Notification Emails; Improper Sanitation of...

CVSS 6.5 · AI score 3.5 · EPSS 0.01322
Exploits 6 · References 1

Veeam
added 2018/12/26 6:26 p.m. · 10 views

Veeam Backup for Office 365 No E-Mail Notification After Job Run

Challenge: When the backup job completes, the job notification is never received. Cause: 1. Error: Unable to connect to the remote server. 2. Job completes with no error, but you do not receive a notification email. This can be caused by: Email relay server blocking emails that exceed 512KB size The...

AI score 6.9
Exploits 0

The Hacker News
added 2018/12/04 6:52 a.m. · 90 views

Quora Gets Hacked – 100 Million Users Data Stolen

The World's most popular question-and-answer website Quora has suffered a massive data breach with unknown hackers gaining unauthorized access to potentially sensitive personal information of about 100 million of its users. Quora announced the incident late Monday after its team last Friday...

AI score 1.6
Exploits 0

OSV
added 2018/11/20 9:29 p.m. · 4 views

CVE-2018-19390

FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service Break instruction exception and application crash via TIFF data because of a ConvertToPDFx86!ConnectedPDF::ConnectedPDFSDK::FCPSendEmailNotification issue...

CVSS 5.5 · AI score 5.8 · EPSS 0.02171
Exploits 1 · References 3