@adobe/aem-site-template-builder (>=0.1.7 <=0.1.8), alexa-scripts (>=0.2.0 <=0.3.4) +4 more potentially affected by CVE-2020-7730 via bestzip (>=1.1.3 <=2.1.6)

bestzip NPM version =1.1.3, =0.1.7, =0.2.0, =1.0.0, =1.0.0, =0.0.1, =1.0.0, =1.0.2 Source cves: CVE-2020-7730 Source advisory: OSV:GHSA-6XV6-JPVW-CX6Q...

Tarnish - A Chrome Extension Static Analysis Tool To Help Aide In Security Reviews

tarnish is a static-analysis tool to aid researchers in security reviews of Chrome extensions. It automates much of the regular grunt work and helps you quickly identify potential security vulnerabilities. This tool accompanies the research blog post which can be found here. If you don't want to ...

eventideplugins.elasticbeanstalk.com XSS vulnerability

Vulnerable URL: http://eventideplugins.elasticbeanstalk.com/requestTimedTrial.jsp?productName=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...

AWS Elastic Beanstalk Code Execution

Form:http://en.wooyun.org/bugs/wooyun-2013-040 Abstract£º AWS Elastic Beanstalk is an even easier way for you to quickly deploy and manage applications in the AWS cloud. elasticbeanstalk subdomain exists Struts2 code execution . Details£º poc return /ok:...