PayPal: Bypass for #488147 enables stored XSS on https://paypal.com/signin again

Due to a configuration in frontend, caching servers, it was possible for a researcher to use request smuggling to convert a page request into a cached redirect. If the cached redirect were accessed by a legitimate user, an attacker's content would be rendered instead of the requested page. While...

PT-2021-2904 · Oracle +10 · Mysql Server +9

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.7.33 and prior MySQL Server versions 8.0.23 and prior Description: The issue is related to insufficient input validation in the InnoDB component of the MySQL Server. It allows a remote attacker to cause a denial of...

TWSL2011-007: iOS SSL Implementation Does Not Validate Certificate Chain

Trustwave's SpiderLabs Security Advisory TWSL2011-007: iOS SSL Implementation Does Not Validate Certificate Chain https://www.trustwave.com/spiderlabs/advisories/TWSL2011-007.txt Published: 2011-07-25 Version: 1.0 Vendor: Apple http://www.apple.com Product: iOS Version affected: Versions Prior to...