2 matches found
maizeinthecity.com Cross Site Scripting vulnerability OBB-3903790
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2014-0035
The CVE-2014-0035 issue affects Apache CXF, specifically SymmetricBinding when EncryptBeforeSigning is enabled and UsernameToken policy is EncryptedSupportingToken. The vulnerability causes the UsernameToken to be transmitted in cleartext, enabling an attacker to sniff sensitive information over ...