8 matches found
Threat Actor Claims TikTok Breach, Puts 428 Million Records Up for Sale
Alleged TikTok Breach: Threat actor “Often9” claims to sell 428M user records, including emails, phones, and account details on dark web forum. TikTok is investigating!...
CVE-2024-52508
CVE-2024-52508 affects Nextcloud Mail. The auto configuration flow can cause email account details to be sent to an attacker-controlled autoconfig.tld when a user’s domain cannot auto-configure. Affected Nextcloud Mail versions include pre-1.14.6, pre-1.15.4, pre-2.2.11, pre-3.6.3, pre-3.7.7, and...
Nextcloud Mail 信息泄露漏洞
Nextcloud Mail is an email from Nextcloud Germany. An information disclosure vulnerability exists in Nextcloud Mail. An attacker who exploits this vulnerability by registering autoconfig.tld will have the email details used sent to the attacker's server...
Millions of Gemini cryptocurrency exchange user details leaked
If youre a user of the Gemini cryptocurrency exchange, its time to be on your guard against phishing attacks. Gemini says its own systems have not been compromised, but an unnamed third party has become the focal point for a breach. On December 13 or some point before, rogues gained access to jus...
Improper Input Validation Apache Commons Email
If a user of Apache Commons Email typically an application programmer passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details recipients, contents, etc. might be manipulated. Mitigation: Users should upgrade to Commons-Email 1.5. You...
CVE-2018-0557
Stored cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'E-mail Details Screen' via unspecified vectors...
Multiple cross-site scripting vulnerabilities in Cybozu Mailwise
Overview Cybozu Mailwise contains multiple cross-site scripting vulnerabilities below. Stored cross-site scripting vulnerability in "E-mail Details Screen" CWE-79 - CVE-2018-0557 Reflected cross-site scripting vulnerability in "System settings" CWE-79 - CVE-2018-0558 Reflected cross-site scriptin...
Cybozu Mailwise Cross-Site Scripting Vulnerability
Cybozu Mailwise is a Web-based e-mail system from Cybozu, and E-mail Details Screen is one of the components for viewing e-mail details. A cross-site scripting vulnerability exists in E-mail Details Screen in Cybozu Mailwise versions 5.0.0 through 5.4.1. A remote attacker can use this vulnerabili...