
12 matches found

AstraLinux
added 2026/05/03 11:59 p.m. · 1 view

Astra Linux - vulnerability in firefox, thunderbird

In specific HSTS configurations, an attacker could bypass HSTS on a subdomain. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

CVSS 6.5 · AI score 6.7 · EPSS 0.00327
Exploits 0 · References 2
Microsoft CVE
added 2025/09/03 10:47 p.m. · 1 view

In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

...

CVSS 6.5 · AI score 9.2 · EPSS 0.00327
Exploits 0
Vulnrichment
added 2024/03/11 7:48 p.m. · 12 views

CVE-2024-28197 Account Takeover via Session Fixation in Zitadel [Bypassing MFA]

Zitadel is an open source identity management system. Zitadel uses a cookie to identify the user agent browser and its user sessions. Although the cookie was handled according to best practices, it was accessible on subdomains of the ZITADEL instance. An attacker could take advantage of this and...

CVSS 7.5 · AI score 6.1 · EPSS 0.00096
Exploits 0 · References 1
Positive Technologies
added 2024/03/11 12:00 a.m. · 2 views

PT-2024-22331 · Zitadel · Zitadel

Name of the Vulnerable Software and Affected Versions: Zitadel versions prior to 2.44.3; Zitadel versions 2.45.0 through 2.45.0 before 2.45.1; Zitadel versions prior to 2.46.0. Description: Zitadel is an open source identity management system that uses a cookie to identify the user agent and its use...

CVSS 7.5 · AI score 6.4 · EPSS 0.00096
Exploits 0 · References 13
RedHat Linux
added 2024/01/30 2:22 p.m. · 1 view

Mozilla: HSTS policy on subdomain could bypass policy of upper domain

The Mozilla Foundation Security Advisory describes this flaw as: In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain...

CVSS 6.5 · AI score 7.4 · EPSS 0.00327
Exploits 0 · References 6
Hacker One
added 2022/04/11 9:37 p.m. · 10 views

Radancy: Blind SSRF at packagist.maximum.nl

Hello Team, I found a subdomain vulnerable to header blind SSRF: packagist.maximum.nl. Steps to Reproduce: 1 - Go to https://packagist.maximum.nl/ and intercept it. 2 - Send a GET request adding the parameter X-Forwarded-For and adding a header X-Forwarded-For; the value of the header is your Burp...

AI score 1.1
Exploits 0
Hacker One
added 2022/01/12 10:02 a.m. · 121 views

MTN Group: Firebase Database Takeover in https://pulseradio.mtn.co.ug/

Summary: During my test, in one of the subdomains of mtn.co.ug I found the firebase configuration disclosed in the source code along with the apiKey and database URL. Exploiting this vulnerability, an attacker is able to upload malicious data in the firebase account of pulseradio.mtn.co.ug and see database...

AI score 7.1
Exploits 0
Hacker One
added 2021/03/15 8:48 a.m. · 15 views

Tennessee Valley Authority: SQL Injection on https://soa-accp.glbx.tva.gov/ via "/api/" path - VI-21-015

Summary: I've found that this subdomain, soa-accp.glbx.tva.gov, is also vulnerable to SQLi through the /api/ path. Steps To Reproduce: https://soa-accp.glbx.tva.gov/api/river/observed-data/GVDA1'+%2f!50000union%2f+SELECT+HOSTNAME--+- hostname dumped...

AI score 0.2
Exploits 0
Hacker One
added 2020/06/27 9:53 a.m. · 13 views

Engel & Völkers Technology GmbH: reflected xss in ██████

Summary: your subdomain ██████ suffers from a reflected XSS bug that leads to executing JavaScript code in the browser. Steps To Reproduce: add details for how we can reproduce the issue 1. visit: █████ 2. you will see a popup and the XSS is confirmed. Supporting Material/References: █████ Impact: An attacker c...

AI score 0.9
Exploits 0
Hacker One
added 2018/09/16 2:35 p.m. · 11 views

IBM: Reflected XSS and Blind out of band command injection at subdomain dstuid-ww.dst.ibm.com

I found an XSS and Blind OS based injection issue due to the incorrect handling of the characters in the EMAIL GET & POST parameters. An injected and a sleep command successfully executed; the following link works as a PoC that alerts the string in the script: I reproduced the same on Firefox and IE...

AI score 2
Exploits 0
Hacker One
added 2015/12/04 2:36 p.m. · 49 views

Urban Dictionary: URGENT - Subdomain Takeover in support.urbandictionary.com pointing to Zendesk

Hi. I found out that one of your subdomains, which is http://support.urbandictionary.com/, can be taken over or is vulnerable to subdomain takeover. If you're gonna visit the site... you will see it saying: "No help desk at support.urbandictionary.com. There is no help desk configured at this address." Thi...

AI score 6.9
Exploits 0
Hacker One
added 2015/11/23 12:45 p.m. · 14 views

X (Formerly Twitter): Subdomain Expired

Vulnerable domain: mopub.com. Vulnerable SUB-domain: http://tool.mopub.com. Your subdomain http://tool.mopub.com is pointing to hosted-by.myinternetservices.com and the service is expired at myinternetservices.com. Remove this entry, otherwise an attacker can use this one. Thanks...

AI score 6.8
Exploits 0