Lucene search
+L

5 matches found

euvd
euvd
added yesterday5 views

EUVD-2026-45009

An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. GENURLAUTH-issued tokens can bypass ACLs. Any authenticated user could mint a URLAUTH token via the GENURLAUTH command for any mailbox they could name, even without read access on it. This would allow reading mail from mailboxes...

3.5CVSS6.1AI score
Exploits0References3
hackerone
hackerone
added 2020/07/21 8:46 p.m.164 views

GitHub Security Lab: Java: CWE-939 - Address improper URL authorization

This bug was reported directly to GitHub Security Lab...

1.7AI score
Exploits0
hackerone
hackerone
added 2020/06/04 8:41 p.m.158 views

GitHub Security Lab: [Java] CWE-939 - Address improper URL authorization

This bug was reported directly to GitHub Security Lab...

1.7AI score
Exploits0
atlassian
atlassian
added 2014/02/21 9:7 a.m.22 views

XSRF Protection Disables Basic URL Rest Authorization

According to this REST page: https://developer.atlassian.com/display/BAMBOODEV/Using+the+Bamboo+REST+APIs You should be able to login to REST via a URL request by using the following scheme: "http://host:8085/rest/api/latest/plan?osauthType=basic&osusername=&ospassword=" This worked fine for us...

0.5AI score
Exploits0Affected Software1
atlassian
atlassian
added 2014/02/21 9:7 a.m.26 views

XSRF Protection Disables Basic URL Rest Authorization

According to this REST page: https://developer.atlassian.com/display/BAMBOODEV/Using+the+Bamboo+REST+APIs You should be able to login to REST via a URL request by using the following scheme: "http://host:8085/rest/api/latest/plan?osauthType=basic&osusername=&ospassword=" This worked fine for us...

0.5AI score
Exploits0
Rows per page
Query Builder