Lucene search
K

6 matches found

NVD
NVD
added 2023/06/12 5:15 p.m.18 views

CVE-2023-34246

Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to version 5.6.6, Doorkeeper automatically processes authorization requests without user consent for public clients that have been previous approved. Public clients are inherently vulnerable to impersonation, their identity cannot...

6.5CVSS5.2AI score0.00716EPSS
Exploits1References7
UbuntuCve
UbuntuCve
added 2023/06/12 5:15 p.m.31 views

CVE-2023-34246

Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to version 5.6.6, Doorkeeper automatically processes authorization requests without user consent for public clients that have been previous approved. Public clients are inherently vulnerable to impersonation, their identity cannot...

6.5CVSS6.5AI score0.00716EPSS
Exploits1References7
Microsoft Secure
Microsoft Secure
added 2021/04/22 4:0 p.m.49 views

Evolving beyond password complexity as an identity strategy

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Troy Hunt, founder of Have I Been Pwned,...

7AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/04/13 6:0 p.m.45 views

How far have we come? The evolution of securing identities

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Troy Hunt, founder of Have I Been Pwned,...

7.1AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2021/04/13 6:0 p.m.43 views

How far have we come? The evolution of securing identities

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Troy Hunt, founder of Have I Been Pwned,...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/11/02 12:0 a.m.24 views

Paypal.com Cross Site Scripting

https://www.paypal.com | HTTP Header Injection | Cross Site Scripting XSS | CAPEC-34 | CWE-79 Hoyt LLC - October 28, 2010 http://cloudscan.blogspot.com | http://cloudscan.me https://www.paypal.com | HTTP Header Injection | Cross Site Scripting XSS Tested on IE8, Chrome, Firefox. The affected URL'...

7.4AI score
Exploits0
Rows per page
Query Builder