moon-fachhandel.de Cross Site Scripting vulnerability OBB-3947777

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

analytics.motion-tm.de Cross Site Scripting vulnerability OBB-3947775

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

vetoxhealthcare.com Cross Site Scripting vulnerability OBB-3947743

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

argentdata.com Cross Site Scripting vulnerability OBB-3947598

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

medicalcenterclinic.com Cross Site Scripting vulnerability OBB-3947424

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

lirs.basnet.by.xx3.kz Cross Site Scripting vulnerability OBB-3947261

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

nfbtx.org Cross Site Scripting vulnerability OBB-3947156

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

keepdomain.com Cross Site Scripting vulnerability OBB-3946930

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

webpanel.es Cross Site Scripting vulnerability OBB-3946863

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ongsbrasil.com.br Cross Site Scripting vulnerability OBB-3946537

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2024-5815

A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations on a victim-owned repository by exploiting incorrect request types. A mitigating factor is that the attacker would have to be a trusted GitHub Enterprise Server user, and the victim would have to visit...

CVE-2024-5816

An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed a suspended GitHub App to retain access to the repository via a scoped user access token. This was only exploitable in public repositories while private repositories were not impacted. This...

CVE-2024-5817

An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed read access to issue content via GitHub Projects. This was only exploitable in internal repositories and required the attacker to have access to the corresponding project board. This vulnerability...

CVE-2024-6395 GitHub Enterprise Server Information Disclosure Vulnerability Exposes Private Repository Names via Deploy Keys

An exposure of sensitive information vulnerability in GitHub Enterprise Server would allow an attacker to enumerate the names of private repositories that utilize deploy keys. This vulnerability did not allow unauthorized access to any repository content besides the name. This vulnerability...

CVE-2024-6395

CVE-2024-6395 (GitHub Enterprise Server) exposes a sensitive-information issue that allows an attacker to enumerate the names of private repositories using deploy keys, but does not disclose repository contents. Affected: GitHub Enterprise Server versions prior to 3.14. The root cause, per multip...

CVE-2024-6336 Security misconfiguration was identified in GitHub Enterprise Server that allowed sensitive data exposure

A Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive information disclosure to unauthorized users in GitHub Enterprise Server by exploiting organization ruleset feature. This attack required an organization member to explicitly change the visibility of a depende...

CVE-2024-6336 Security misconfiguration was identified in GitHub Enterprise Server that allowed sensitive data exposure

A Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive information disclosure to unauthorized users in GitHub Enterprise Server by exploiting organization ruleset feature. This attack required an organization member to explicitly change the visibility of a depende...

CVE-2024-5817 Improper authorization allows read access to issue content in GitHub Enterprise Server

An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed read access to issue content via GitHub Projects. This was only exploitable in internal repositories and required the attacker to have access to the corresponding project board. This vulnerability...

CVE-2024-5816 Improper authorization allows persistent access in GitHub Enterprise Server

An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed a suspended GitHub App to retain access to the repository via a scoped user access token. This was only exploitable in public repositories while private repositories were not impacted. This...

CVE-2024-5816

CVE-2024-5816 – GitHub Enterprise Server : An Incorrect Authorization flaw allows a suspended GitHub App to retain access to repositories via a scoped user access token. Impact is limited to public repositories; private repos are not affected. Affected: all GitHub Enterprise Server versions prior...