dioramamodel.sk Cross Site Scripting vulnerability OBB-2510897

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Session Riding and multiple XSS in WebCit

Vendor contacted: 2007-06-24 Affects: Webcit 7.11 Fixed: 2007-07-06 WebCit 7.11 1. Background WebCit is the webfrontend to administer and use Citadel, which is an open-source groupware server. 2. Session Riding 2.I. Problem Description It is possible for an attacker to execute actions in the name...