Elastic: blind Server-Side Request Forgery (SSRF) allows scanning internal ports

A blind Server-Side Request Forgery SSRF vulnerability was found on a website, allowing an attacker to scan internal ports. The vulnerability could not be used to read HTTP responses, but could be used for reconnaissance purposes, such as port scanning by measuring response time...

Unsecured Microsoft Bing Server Exposed Users' Search Queries and Location

A back-end server associated with Microsoft Bing exposed sensitive data of the search engine's mobile application users, including search queries, device details, and GPS coordinates, among others. The logging database, however, doesn't include any personal details such as names or addresses. The...