8 matches found
Malicious code in cafepress-api (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-6800 Malicious code in cafepress-api (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
CafePress faces $500,000 fine for data breach cover up
The US Federal Trade Commission FTC has announced that it took action against online customized merchandise platform CafePress over allegations that it failed to secure consumers’ sensitive personal data and covered up a major breach. CafePress is a popular online custom T-shirt and merchandise...
Malicious Package
Overview cafepress-api is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using cafepress-api...
cafepress.com XSS vulnerability
Open Bug Bounty ID: OBB-644849 Description| Value ---|--- Affected Website:| cafepress.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
cafepress.com XSS vulnerability
Open Bug Bounty ID: OBB-566707 Description| Value ---|--- Affected Website:| cafepress.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
cafepress.com XSS vulnerability
Open Bug Bounty ID: OBB-350151 Description| Value ---|--- Affected Website:| cafepress.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
shops.cafepress.com Open Redirect vulnerability
Open Bug Bounty ID: OBB-48917 Description| Value ---|--- Affected Website:| shops.cafepress.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...