119 matches found
6 Types of Applications Security Testing You Must Know About
Application security testing is a critical component of modern software development, ensuring that applications are robust and resilient against malicious attacks. As cyber threats continue to evolve in complexity and frequency, the need to integrate comprehensive security measures throughout the...
GitLab 3.0.29 < 4.0.5 (CVE-2023-1401)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization...
Empowering Small Businesses in the Digital Age: A Must-Read Guide to Web Application & API Security
Small and medium-sized businesses have increasingly become reliant on web applications - whether they are developed or procured, to drive their operations, engage customers, and scale their businesses. The increasing reliance on online operations is underscored by 84% of businesses using digital...
The vulnerability of Fortify ScanCentral DAST, a web application security scanner, relates to improper privilege assignment, allowing attackers to elevate their privileges.
The vulnerability of Fortify ScanCentral DAST, a security scanner for web applications, is related to improper privilege assignment. Exploiting this vulnerability can allow an attacker, operating remotely, to increase their privileges...
NEW RESEARCH: Artificial intelligence and Machine Learning Can Be Used to Stop DAST Attacks Before they Start
Within cloud security, one of the most prevalent tools is dynamic application security testing, or DAST. DAST is a critical component of a robust application security framework, identifying vulnerabilities in your cloud applications either pre or post deployment that can be remediated for a...
CVE-2023-5913
Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...
CVE-2023-5913
Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...
Privilege escalation
Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...
CVE-2023-5913 A potential Privilege Escalation vulnerability in opentext Fortify ScanCentral DAST API.
Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...
CVE-2023-5913
CVE-2023-5913 affects OpenText Fortify ScanCentral DAST. Root cause: Incorrect Privilege Assignment in the DAST API, enabling possible elevated privileges. Affected versions per sources: 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1 (PT-2023-8579 also lists 21.1 through 23.1). Impact: potential pr...
CVE-2023-5913 A potential Privilege Escalation vulnerability in opentext Fortify ScanCentral DAST API.
Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...
Micro Focus Fortify ScanCentral DAST Security Vulnerability
Micro Focus Fortify ScanCentral DAST is a Fortify hosted remote scanning application from Micro Focus UK. A security vulnerability exists in Micro Focus Fortify ScanCentral DAST that stems from incorrect privilege assignment. An attacker could exploit the vulnerability to elevate privileges. The...
Building an AppSec Program with Qualys WAS – Introduction
Part 1 - Introduction and Configuring a Web Application or API: Basic Information Welcome to our introductory series of blogs where we will take you step-by-step through your application security journey with Qualys Web Application Scanning WAS to build and deploy secure web applications and APIs...
CVE-2023-1401
An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization...
Cross site scripting
An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization...
CVE-2023-1401 Insertion of Sensitive Information Into Sent Data in GitLab
An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization...
CVE-2023-1401 Insertion of Sensitive Information Into Sent Data in GitLab
An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization...
CVE-2023-1401
GitLab DAST scanner vulnerability CVE-2023-1401 affects GitLab DAST scanner versions 3.0.29 through 4.0.4. The issue is described as leaking cross-site cookies on redirect during authorization. The exact root cause is not detailed in the provided documents. Impact is described as cookie leakage; ...
GitLab 安全漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A security vulnerability exists in GitLab DAST scanner versions prior to 3.0.29...
PT-2023-16958 · Gitlab · Gitlab Dast Api Scanner +1
Name of the Vulnerable Software and Affected Versions: GitLab DAST scanner versions 3.0.29 through 4.0.5 Description: An issue has been discovered in the GitLab DAST scanner where it leaks cross-site cookies on redirect during authorization. Recommendations: For versions 3.0.29 through 4.0.5,...