Lucene search
K

119 matches found

The Hacker News
The Hacker News
added 2024/07/25 11:20 a.m.37 views

6 Types of Applications Security Testing You Must Know About

Application security testing is a critical component of modern software development, ensuring that applications are robust and resilient against malicious attacks. As cyber threats continue to evolve in complexity and frequency, the need to integrate comprehensive security measures throughout the...

8.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/05/17 12:0 a.m.23 views

GitLab 3.0.29 < 4.0.5 (CVE-2023-1401)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization...

5CVSS4.8AI score0.00432EPSS
Exploits1References4
Qualys Blog
Qualys Blog
added 2024/04/22 4:11 p.m.33 views

Empowering Small Businesses in the Digital Age: A Must-Read Guide to Web Application & API Security

Small and medium-sized businesses have increasingly become reliant on web applications - whether they are developed or procured, to drive their operations, engage customers, and scale their businesses. The increasing reliance on online operations is underscored by 84% of businesses using digital...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/02/14 12:0 a.m.5 views

The vulnerability of Fortify ScanCentral DAST, a web application security scanner, relates to improper privilege assignment, allowing attackers to elevate their privileges.

The vulnerability of Fortify ScanCentral DAST, a security scanner for web applications, is related to improper privilege assignment. Exploiting this vulnerability can allow an attacker, operating remotely, to increase their privileges...

10CVSS7.8AI score0.00554EPSS
Exploits0References2Affected Software1
Rapid7 Blog
Rapid7 Blog
added 2023/11/09 2:48 p.m.21 views

NEW RESEARCH: Artificial intelligence and Machine Learning Can Be Used to Stop DAST Attacks Before they Start

Within cloud security, one of the most prevalent tools is dynamic application security testing, or DAST. DAST is a critical component of a robust application security framework, identifying vulnerabilities in your cloud applications either pre or post deployment that can be remediated for a...

7AI score
Exploits0
NVD
NVD
added 2023/11/08 5:15 p.m.20 views

CVE-2023-5913

Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...

9.8CVSS0.00554EPSS
Exploits0References1
OSV
OSV
added 2023/11/08 5:15 p.m.3 views

CVE-2023-5913

Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...

9.8CVSS5.8AI score0.00554EPSS
Exploits0References1
Prion
Prion
added 2023/11/08 5:15 p.m.25 views

Privilege escalation

Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...

7.5CVSS7.3AI score0.00554EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/08 4:42 p.m.36 views

CVE-2023-5913 A potential Privilege Escalation vulnerability in opentext Fortify ScanCentral DAST API.

Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...

8.2CVSS9.8AI score0.00554EPSS
Exploits0References1
CVE
CVE
added 2023/11/08 4:42 p.m.79 views

CVE-2023-5913

CVE-2023-5913 affects OpenText Fortify ScanCentral DAST. Root cause: Incorrect Privilege Assignment in the DAST API, enabling possible elevated privileges. Affected versions per sources: 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1 (PT-2023-8579 also lists 21.1 through 23.1). Impact: potential pr...

9.8CVSS9AI score0.00554EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/08 4:42 p.m.16 views

CVE-2023-5913 A potential Privilege Escalation vulnerability in opentext Fortify ScanCentral DAST API.

Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...

8.2CVSS7.1AI score0.00554EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/08 12:0 a.m.4 views

Micro Focus Fortify ScanCentral DAST Security Vulnerability

Micro Focus Fortify ScanCentral DAST is a Fortify hosted remote scanning application from Micro Focus UK. A security vulnerability exists in Micro Focus Fortify ScanCentral DAST that stems from incorrect privilege assignment. An attacker could exploit the vulnerability to elevate privileges. The...

9.8CVSS6.9AI score0.00554EPSS
Exploits0References3
Qualys Blog
Qualys Blog
added 2023/10/17 5:5 p.m.18 views

Building an AppSec Program with Qualys WAS – Introduction

Part 1 - Introduction and Configuring a Web Application or API: Basic Information Welcome to our introductory series of blogs where we will take you step-by-step through your application security journey with Qualys Web Application Scanning WAS to build and deploy secure web applications and APIs...

6.8AI score
Exploits0
NVD
NVD
added 2023/07/26 7:15 a.m.51 views

CVE-2023-1401

An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization...

5CVSS4.8AI score0.00432EPSS
Exploits1References2
Prion
Prion
added 2023/07/26 7:15 a.m.26 views

Cross site scripting

An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization...

4CVSS4.4AI score0.00432EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/26 6:1 a.m.27 views

CVE-2023-1401 Insertion of Sensitive Information Into Sent Data in GitLab

An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization...

5CVSS4.5AI score0.00432EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/07/26 6:1 a.m.49 views

CVE-2023-1401 Insertion of Sensitive Information Into Sent Data in GitLab

An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization...

5CVSS5.1AI score0.00432EPSS
Exploits1References2
CVE
CVE
added 2023/07/26 6:1 a.m.53 views

CVE-2023-1401

GitLab DAST scanner vulnerability CVE-2023-1401 affects GitLab DAST scanner versions 3.0.29 through 4.0.4. The issue is described as leaking cross-site cookies on redirect during authorization. The exact root cause is not detailed in the provided documents. Impact is described as cookie leakage; ...

5CVSS4.4AI score0.00432EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2023/07/26 12:0 a.m.20 views

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A security vulnerability exists in GitLab DAST scanner versions prior to 3.0.29...

5CVSS5AI score0.00432EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/07/26 12:0 a.m.8 views

PT-2023-16958 · Gitlab · Gitlab Dast Api Scanner +1

Name of the Vulnerable Software and Affected Versions: GitLab DAST scanner versions 3.0.29 through 4.0.5 Description: An issue has been discovered in the GitLab DAST scanner where it leaks cross-site cookies on redirect during authorization. Recommendations: For versions 3.0.29 through 4.0.5,...

5CVSS7AI score0.00432EPSS
Exploits1References7
Rows per page
Query Builder