Cross-site scripting (XSS) in the dynamic file uploads

Impact The dynamic file upload feature is subject to potential XSS attach in case the attacker manages to modify the file names of the records being uploaded to the server. This appears in sections where the user controls the file upload dialogs themselves and has the technical knowledge to chang...

helsinkicorpus.arts.gla.ac.uk Cross Site Scripting vulnerability OBB-3470268

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

cs.helsinki.fi Cross Site Scripting vulnerability OBB-3225467

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

cs.helsinki.fi Cross Site Scripting vulnerability OBB-3128628

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I'm speaking at University College London on September 23, 2019. I'm speaking at World's Top 50 Innovators 2019 at the Royal Society in London on September 24, 2019. I'm speaking at Cyber Security Nordic in Helsinki, Finland on...

Threat Outbreak Alert RuleID32762: Email Messages Distributing Malicious Software on May 11, 2018

Medium Alert ID: 57877 First Published: 2018 May 11 17:07 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32762 may contain the following files: Name | Size...

Finland's 3rd Largest Data Breach Exposes 130,000 Users' Plaintext Passwords

Over 130,000 Finnish citizens have had their credentials compromised in what appears to be third largest data breach ever faced by the country, local media reports. Finnish Communications Regulatory Authority FICORA is warning users of a large-scale data breach in a website maintained by the New...

yle.fi XSS vulnerability

Open Bug Bounty ID: OBB-564532 Description| Value ---|--- Affected Website:| yle.fi Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosure based on ISO...

helsinki.fi XSS vulnerability

Vulnerable URL: https://www.helsinki.fi/search/?q=retr0facet=%22%3E%3Csvg/onload=alert%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 12228 Google Pagerank| 7 VI...

Finnish ISP is blocking the Pirate Bay, Anonymous stand for Freedom of Expression !

Finnish ISP is blocking the Pirate Bay, Anonymous stand for Freedom of Expression ! Anonymous has urged its followers to target Finnish anti-piracy body the Copyright Information and Anti-Piracy Centre CIAPC after it persuaded the Helsinki District Court to force one of the country's biggest ISPs...