7 matches found
NIST and CISA Release Draft Interagency Report on Protecting Tokens and Assertions from Tampering Theft and Misuse for Public Comment
The Cybersecurity and Infrastructure Security Agency CISA and National Institute of Standards and Technology NIST have released an initial draft of Interagency Report IR 8597 Protecting Tokens and Assertions from Forgery, Theft, and Misuse for public comment through January 30, 2026. This report ...
CVE-2024-38447
NATO NCI ANET 3.4.1 allows Insecure Direct Object Reference via a modified ID field in a request for a private draft report that belongs to an arbitrary user...
CVE-2024-38447
NATO NCI ANET 3.4.1 allows Insecure Direct Object Reference via a modified ID field in a request for a private draft report that belongs to an arbitrary user...
CVE-2024-38447
NATO NCI ANET 3.4.1 allows Insecure Direct Object Reference via a modified ID field in a request for a private draft report that belongs to an arbitrary user...
CVE-2024-38447
CVE-2024-38447 concerns NATO NCI ANET 3.4.1, where an insecure direct object reference exists due to a modified ID field in a request for a private draft report that belongs to another user. The affected component is the web application handling private draft reports; the root cause is an ID para...
CVE-2024-38447
NATO NCI ANET 3.4.1 allows Insecure Direct Object Reference via a modified ID field in a request for a private draft report that belongs to an arbitrary user...
HackerOne: Draft report exposure via slack alerting system for programs
Vulnerability description not provided...