15 matches found
16 Fake ChatGPT Extensions Caught Hijacking User Accounts
A coordinated campaign of 16 malicious GPT optimisers has been caught hijacking ChatGPT accounts. These tools steal session tokens to access private chats, Slack, and Google Drive files...
EUVD-2019-5583
Malware in sbrugna...
EUVD-2019-5581
Malware in sbrugna...
EUVD-2019-5582
Malware in sbrugna...
EUVD-2021-17066
Malware in sbrugna...
CVE-2021-30126
Lightmeter ControlCenter 1.1.0 through 1.5.x before 1.5.1 allows anyone who knows the URL of a publicly available Lightmeter instance to access application settings, possibly including an SMTP password and a Slack access token, via a settings HTTP query...
CVE-2019-14365
The Intercom plugin through 1.2.1 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack channels, members, etc...
CVE-2019-14366
WP SlackSync plugin through 1.8.5 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack channels, members, etc...
CVE-2024-32881
Danswer is the AI Assistant connected to company's docs, apps, and people. Danswer is vulnerable to unauthorized access to GET/SET of Slack Bot Tokens. Anyone with network access can steal slack bot tokens and set them. This implies full compromise of the customer's slack bot, leading to internal...
Design/Logic Flaw
Lightmeter ControlCenter 1.1.0 through 1.5.x before 1.5.1 allows anyone who knows the URL of a publicly available Lightmeter instance to access application settings, possibly including an SMTP password and a Slack access token, via a settings HTTP query...
CVE-2019-14365
The Intercom plugin through 1.2.1 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack channels, members, etc...
CVE-2019-14366
WP SlackSync plugin through 1.8.5 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack channels, members, etc...
Code injection
The Intercom plugin through 1.2.1 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack channels, members, etc...
CVE-2019-14365
The Intercom plugin through 1.2.1 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack channels, members, etc...
WP Slacksync < 1.8.6 - Slack Access Token Disclosure
The wpslacksync leaked a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack channels, members, etc...