9 matches found
EUVD-2019-9534
Malware in sbrugna...
CVE-2019-19946
The API in Dradis Pro 3.4.1 allows any user to extract the content of a project, even if this user is not part of the project team...
Vulnerability fixed in Dradis Pro
Dradis has fixed a vulnerability in Dradis Pro. A malicious party could exploit the vulnerability to perform a cross-site scripting attack. Such an attack can lead to execution of arbitrary code in the context of the browser of the victim, or access sensitive data within that same context of the...
Dradis information leakage vulnerability
Dradis is a suite of reporting and collaboration tools for information security teams. A security vulnerability exists in the API in Dradis Pro version 3.4.1. The vulnerability can be exploited by an attacker to extract the contents of a project even if the attacker is not a member of the project...
CVE-2019-19946
The API in Dradis Pro 3.4.1 allows any user to extract the content of a project, even if this user is not part of the project team...
CVE-2019-19946
The API in Dradis Pro 3.4.1 allows any user to extract the content of a project, even if this user is not part of the project team...
Code injection
The API in Dradis Pro 3.4.1 allows any user to extract the content of a project, even if this user is not part of the project team...
CVE-2019-19946
The vulnerability CVE-2019-19946 affects Dradis Pro 3.4.1, where the API allows any user to extract the contents of a project even if not a member of the project team. This is an information leakage issue via the API surface; the available connected sources confirm the product/version and the una...
CVE-2019-19946
The API in Dradis Pro 3.4.1 allows any user to extract the content of a project, even if this user is not part of the project team...