4 matches found
mdict.kekenet.com Cross Site Scripting vulnerability OBB-3929157
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
nte.es XSS vulnerability
Open Bug Bounty ID: OBB-50353 Description| Value ---|--- Affected Website:| nte.es Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...
events.mit.edu XSS vulnerability
Open Bug Bounty ID: OBB-45917 Description| Value ---|--- Affected Website:| events.mit.edu Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat She...
CVE-2014-1234
CVE-2014-1234 affects the paratrooper-newrelic gem (Ruby) v1.0.1. A local attacker can obtain the X-Api-Key by listing the curl process, due to leakage in the process tree. Impact is local exposure of the API key. Public patches or mitigations are not detailed in the provided documents; refer to ...