EUVD-2020-6034

Malware in sbrugna...

CVE-2022-48506

CVE-2022-48506 concerns a flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanners. The vulnerability allows deanonymization of voted ballots by deducing the order of ballot casting from public ballot-level data. Affe...

CVE-2022-48506

A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct ICP and ICP2 and ImageCast Evolution ICE scanners allows anyone to determine the order in which ballots were cast from public ballot-level data, allowing deanonymization of voted ballots, in several types of...

iframe.eac.com.au Cross Site Scripting vulnerability OBB-3260482

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

FBI: Rise in Business Email-based Attacks a $43B Headache

The FBI warned the global cost of business email compromise BEC attacks is $43 billion for the time period of June 2016 and December 2021. According to FBI report, 241,206 complaints were lodged by the agency’s Internet Crime Center IC3. BEC or email account compromise EAC are an advanced scammin...

CVE-2021-27065

Microsoft Exchange Server Remote Code Execution Vulnerability Recent assessments: wvu-r7 at March 10, 2021 7:13am UTC reported: When used with CVE-2021-26855, an unauthenticated SSRF, CVE-2021-27065 yields unauthed, SYSTEM-level RCE against a vulnerable Exchange Server. On its own, exploiting thi...

CVE-2020-13819

Extreme EAC Appliance 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request...

Cross site request forgery (csrf)

Extreme EAC Appliance 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request...

CVE-2020-13819

Extreme EAC Appliance 8.4.1.24 is affected by an unauthenticated reflected XSS vulnerability exploitable via a parameter in a GET request. Underlying issue is a reflected script injection in user-supplied input. CVSS metrics indicate Network vector, low attack complexity, no authentication requir...

eac-zlatograd.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1184543 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

eac-zlatograd.com XSS vulnerability

Open Bug Bounty ID: OBB-454590 Description| Value ---|--- Affected Website:| eac-zlatograd.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

IC3 Warns of Increase in BEC/EAC Schemes

The Internet Crime Complaint Center IC3 has issued an alert describing a growing number of scams targeting businesses working with foreign suppliers or businesses that regularly perform wire transfer payments. These sophisticated scams are classified as business email compromise BEC or email...

XSS vulnerability in "children" macro when displaying excerpts

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-35777. panel - Create a parent page A with a child page B - Add an \excerpt\ macro to B containing the text alert"Gotcha!"; - Ad...

XSS vulnerability in "children" macro when displaying excerpts

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-35777. panel - Create a parent page A with a child page B - Add an \excerpt\ macro to B containing the text alert"Gotcha!"; - Ad...

XSS vulnerability in "children" macro when displaying excerpts

Create a parent page A with a child page B - Add an \excerpt\ macro to B containing the text alert"Gotcha!"; - Add the \children\ macro to page A, with "Show excerpts" checked - Alert is shown when viewing A This is currently present on EAC - likely to be in released versions; not tested yet...

Logout is not working on QA-EAC

Select 'Log Out' from the user menu. Note that you haven't been logged out...

Logout is not working on QA-EAC

Select 'Log Out' from the user menu. Note that you haven't been logged out...

Logout is not working on QA-EAC

Select 'Log Out' from the user menu. Note that you haven't been logged out...