186 matches found
CVE-2023-44689
e-Gov Client Application Windows version versions prior to 2.1.1.0 and e-Gov Client Application macOS version versions prior to 1.1.1.0 are vulnerable to improper authorization in handler for custom URL scheme. A crafted URL may direct the product to access an arbitrary website. As a result, the...
Authorization
e-Gov Client Application Windows version versions prior to 2.1.1.0 and e-Gov Client Application macOS version versions prior to 1.1.1.0 are vulnerable to improper authorization in handler for custom URL scheme. A crafted URL may direct the product to access an arbitrary website. As a result, the...
CVE-2023-44689
e-Gov Client Application Windows version versions prior to 2.1.1.0 and e-Gov Client Application macOS version versions prior to 1.1.1.0 are vulnerable to improper authorization in handler for custom URL scheme. A crafted URL may direct the product to access an arbitrary website. As a result, the...
CVE-2023-44689
e-Gov Client Application Windows version versions prior to 2.1.1.0 and e-Gov Client Application macOS version versions prior to 1.1.1.0 are vulnerable to improper authorization in handler for custom URL scheme. A crafted URL may direct the product to access an arbitrary website. As a result, the...
CVE-2023-44689
CVE-2023-44689 affects e-Gov Client Application: Windows prior to 2.1.1.0 and macOS prior to 1.1.1.0 are vulnerable to improper authorization in the handler for the custom URL scheme. A crafted URL can direct the application to access an arbitrary website, enabling phishing scenarios. Publicly do...
JVN#15808274: e-Gov Client Application fails to restrict custom URL schemes properly
e-Gov Client Application is installed, a Custom URL Scheme is configured on the system to enable invoking the product through a web browser. This custom URL contains the information about the website which the product should access, and a crafted URL may direct the application to access an...
creative.gov.au Cross Site Scripting vulnerability OBB-3704322
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
antigo.mctic.gov.br Cross Site Scripting vulnerability OBB-3631019
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
If gov use removeGauge users who use votingPower for that gauge will lose their votingPower infinetly.
Lines of code Vulnerability details Impact When gov use removeGauge gauge's power changed to the 0, however there is no reset for user votePower which stored in voteuserpower mapping. Because of that users will lose their voting power. For example if a user give his 1000 votingPower to removedGau...
vinhedo.sp.gov.br Cross Site Scripting vulnerability OBB-3566253
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
servicos.anchieta.sc.gov.br Cross Site Scripting vulnerability OBB-3468160
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
servicos.capinzal.sc.gov.br Cross Site Scripting vulnerability OBB-3467919
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
ssodev.sharedservices.dir.texas.gov Cross Site Scripting vulnerability OBB-3424513
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
servicos.seara.sc.gov.br Cross Site Scripting vulnerability OBB-3261702
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
servicos.xanxere.sc.gov.br Cross Site Scripting vulnerability OBB-3259911
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
labour.tn.gov.in Cross Site Scripting vulnerability OBB-3076111
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
covid.setequedas.ms.gov.br Cross Site Scripting vulnerability OBB-2823799
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Malicious code in analytics.usa.gov (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e1a33363f19a2f8802327fdc87bafbb52ff7966afefd35a4a378d19651da0132 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5990 Malicious code in search-gov-website (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 451bca5bdb635f0f47d70d754081dd0ca0a128b60a2c3fb3821b252695738d9b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
egov2.miamigov.com Open Redirect vulnerability OBB-2726691
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...