2 matches found
PT-2026-39724
Tookie is a advanced OSINT information gathering tool. Prior to 4.1fix, modules/modules.py's write txt, write csv, write json, and commented-but-shipping scan file helpers open their output as openf"user.", where user comes unsanitized from the -u CLI flag or any line of a -U usernames file. A...
UBUNTU-CVE-2024-28233
JupyterHub is an open source multi-user server for Jupyter notebooks. By tricking a user into visiting a malicious subdomain, the attacker can achieve an XSS directly affecting the former's session. More precisely, in the context of JupyterHub, this XSS could achieve full access to JupyterHub API...