APIs Are the Next Frontier in Cybercrime
Application Programming Interface (API) usage has exploded, and cybercriminals are increasingly taking advantage of API security flaws to commit fraud and steal data. APIs, which are used to create connections between software programs and perform integrations, make everything a bit easier — from...
CVE-2020-14325
CVE-2020-14325 describes a vulnerability in Red Hat CloudForms prior to 5.11.7.0 where a User Impersonation/authorization flaw could let an attacker create or use an RBAC user (with groups/roles such as EvmGroup-super_administrator) and perform API requests as a super administrator. The related R...
Exposed API
foreman does not properly restrict access to APIs. A remote attacker is able to access arbitrary hosts via an API request...
api.rebirth.ro Improper Access Control vulnerability OBB-1246813
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
CVE-2020-15341
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated updateallrealmlicense API...
Information disclosure
An issue was discovered in Mattermost Server before 3.0.0. It allows attackers to obtain sensitive information about team URLs via an API...
Attack Analytics Multi-Sensor Integrations Provide Unmatched Visibility
Since debuting Attack Analytics back in 2018, this groundbreaking security analytics functionality has come a long way. Time and again our customers have told us how powerful they find the tool and how much time it saves them. Attack Analytics better positions Imperva’s customers to focus on what...
h1-ctf: [H1-2006 2020] CTF Writeup
Summary: The CTF's objective could be found in the following Twitter post: F858468 As outlined on https://hackerone.com/h1-ctf, all subdomains of bountypay.h1ctf.com are in scope. Doing subdomain enumeration revealed the following subdomains: api.bountypay.h1ctf.com app.bountypay.h1ctf.com...
Code injection
Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier does not check permissions on API endpoints that allow adding and removing agent labels...
api.app.squarelovin.com Improper Access Control vulnerability
Open Bug Bounty ID: OBB-1161674 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...
CVE-2020-11033
In GLPI from version 9.1 and before version 9.4.6, any API user with READ right on User itemtype will have access to full list of users when querying apirest.php/User. The response contains: - All apitokens which can be used to do privileges escalations or read/update/delete data normally non...
Default credentials
The OKLOK 3.1.1 mobile companion app for Fingerprint Bluetooth Padlock FB50 2.3 allows remote attackers to submit API requests using authenticated but unauthorized tokens, resulting in IDOR issues. A remote attacker can use their own token to make unauthorized API requests on behalf of arbitrary...
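The entry above describes the classic IDOR shape: the token proves who the caller is, but the endpoint never checks that the caller owns the object named in the request. The following is an added illustration, not code from OKLOK or the advisory; the in-memory token and lock tables are constructed sample data and the handler names are hypothetical. It shows the vulnerable handler next to one that enforces object-level authorization.

```python
# Constructed sample data (hypothetical, not the vendor's backend).
# A bearer token maps to the user it authenticates.
TOKENS = {"tok-alice": 1, "tok-bob": 2}
# Each lock belongs to exactly one user.
LOCKS = {
    100: {"owner": 1, "name": "front door", "locked": True},
    200: {"owner": 2, "name": "garage", "locked": True},
}


class Unauthorized(Exception):
    """No valid token: the caller is not authenticated at all."""


class Forbidden(Exception):
    """Valid token, but the caller may not act on this object."""


def authenticate(token):
    """Return the user id behind a token, or raise Unauthorized."""
    try:
        return TOKENS[token]
    except KeyError:
        raise Unauthorized("invalid token") from None


def unlock_vulnerable(token, lock_id):
    """Authenticated but not authorized: any valid token can operate on any lock.
    This is the IDOR pattern: the lock id from the request is trusted as-is."""
    authenticate(token)  # result is never compared with the lock's owner
    lock = LOCKS[lock_id]
    lock["locked"] = False
    return lock


def unlock_fixed(token, lock_id):
    """Object-level authorization: the authenticated user must own the lock.
    Missing and foreign ids get the same response so the endpoint does not
    become an enumeration oracle for which ids exist."""
    user = authenticate(token)
    lock = LOCKS.get(lock_id)
    if lock is None or lock["owner"] != user:
        raise Forbidden("no such lock for this user")
    lock["locked"] = False
    return lock


def reset_locks():
    """Restore the constructed state so the demo can be re-run."""
    for lock in LOCKS.values():
        lock["locked"] = True


if __name__ == "__main__":
    # Bob's own token, Alice's lock id: the vulnerable handler unlocks it.
    print(unlock_vulnerable("tok-bob", 100))  # Alice's front door is now unlocked
    reset_locks()
    try:
        unlock_fixed("tok-bob", 100)
    except Forbidden as exc:
        print("fixed handler:", exc)
```

The check belongs in the handler for every object-level action (read, update, delete), not only in the one that happened to be reported; a single missed endpoint is enough to reintroduce the flaw.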
Access to all question drafts in private spaces via API
h3. Issue Summary Questions leak information through private space https://asecurityteam.atlassian.net/browse/BOUNTY-2559 h3. Steps to Reproduce Access to questions in spaces is limited to those users that have access to the space. However, question drafts in a restricted space can be accessed by...
Mail.ru: "😂" + Unauthenticated Stored XSS in API at https://api.my.games/comments/v1/comments/update/
Cross-site scripting in community.my.games via post comments due to incomplete fix for 848732 I have been working on this issue for 2 hours and over 300 fails. Finally, I could exploit with a very exotic XSS payload. Payload with an emoji a little trick: %F0%9F%98%82!--😂//=...
Mail.ru: SQL LIKE clauses wildcard injection
LIKE clause was misused for session validation in one of https://c-api.city-mobil.ru/v2 API calls, allowing character-by-character session brute force. The session validation logic mistakenly allowed wildcards in the authorization token...
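The report above is worth seeing in code, because parameterised queries do not protect against it: the problem is the comparison operator, not string concatenation. The following is an added example, not code from city-mobil or the report; the SQLite session table, the token value and the alphabet are constructed for the demonstration. It shows a validator that uses `LIKE`, the prefix-plus-`%` oracle that recovers the token one character at a time (and `_` to learn its length), and the fix of comparing with `=`.

```python
import sqlite3
import string

# Constructed sample data: a single valid session token (hypothetical value).
ALPHABET = string.ascii_lowercase + string.digits
SECRET_TOKEN = "k7x3q9a2"


def make_db():
    """In-memory sessions table with one valid token (constructed)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE sessions (token TEXT PRIMARY KEY, user_id INTEGER)")
    conn.execute("INSERT INTO sessions VALUES (?, ?)", (SECRET_TOKEN, 42))
    return conn


def validate_like(conn, token):
    """Vulnerable: the query is parameterised, but LIKE still interprets
    '%' (any run of characters) and '_' (any one character) in the token."""
    row = conn.execute(
        "SELECT user_id FROM sessions WHERE token LIKE ?", (token,)
    ).fetchone()
    return row[0] if row else None


def validate_equal(conn, token):
    """Fixed: exact comparison; '%' and '_' are ordinary characters."""
    row = conn.execute(
        "SELECT user_id FROM sessions WHERE token = ?", (token,)
    ).fetchone()
    return row[0] if row else None


def token_length(conn, validate, max_len=64):
    """Probe with '_' * n: under LIKE it matches exactly when n == len(token)."""
    for n in range(1, max_len + 1):
        if validate(conn, "_" * n) is not None:
            return n
    return None


def recover_token(conn, validate, max_len=64):
    """Character-by-character brute force using prefix + '%' as an oracle.
    Returns (token, number_of_validation_calls); token is None if the
    validator does not leak (e.g. it uses '=')."""
    prefix = ""
    queries = 0
    while len(prefix) < max_len:
        for ch in ALPHABET:
            queries += 1
            if validate(conn, prefix + ch + "%") is not None:
                prefix += ch
                break
        else:
            # No one-character extension matched: the oracle is not
            # wildcard-sensitive (or the token uses another alphabet).
            return None, queries
        # Without a trailing '%', LIKE only matches the complete token.
        if validate(conn, prefix) is not None:
            return prefix, queries
    return None, queries


if __name__ == "__main__":
    db = make_db()
    print("LIKE length:", token_length(db, validate_like))      # 8
    print("LIKE token:", recover_token(db, validate_like))      # ('k7x3q9a2', 182)
    print("= token:", recover_token(db, validate_equal))        # (None, 36)
```

With `LIKE` the attacker needs at most `len(ALPHABET)` guesses per character instead of `len(ALPHABET) ** len(token)` for the whole token, which is why the report calls it a character-by-character brute force. Note that `LIKE` is also case-insensitive for ASCII in SQLite by default, which shrinks the search space further; exact comparison against a token stored and compared as-is removes both problems.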
The 2020 Cyberthreat Defense Report: Simplify Security with Unified Tools and Monitoring
The CyberEdge Group’s recently released 2020 Cyberthreat Defense Report (CDR) details findings based on a survey of 1,200 IT security professionals from around the globe. Although multiple key takeaways emerged from analyzing their perceptions and insights, it’s worth digging a little further into o...
Design/Logic Flaw
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and obtain the full application path along with the customer name...
Staging.every.org: Private account causes displayed through API
Summary: Any authenticated user can see which causes a private account user is interested in, by sending a GET request to the API, even though this information is not displayed anywhere on the profile page. In the profile settings, the following message is displayed for "Private Supporter" option...
openSUSE Security Update : salt (openSUSE-2020-357)
This update for salt fixes the following issues: - Avoid possible user escalation upgrading salt-master (bsc#1157465, CVE-2019-18897) - Fix unit test failures in test_batch_async tests - Batch Async: Handle exceptions, properly unregister and close instances after running async batching to avoid CPU...
OPENSUSE-SU-2020:0357-1 Security update for salt
This update for salt fixes the following issues: - Avoid possible user escalation upgrading salt-master (bsc#1157465, CVE-2019-18897) - Fix unit test failures in test_batch_async tests - Batch Async: Handle exceptions, properly unregister and close instances after running async batching to avoid CPU...