CGA-6RQC-W5G6-HPG2

Bulletin has no description...

Semrush: Lack of sanitization of the billing address in pdf invoice

A vulnerability in the invoice PDF generation allowed HTML code injection due to insufficient sanitization of billing address data. An internal review found no evidence of exploitation...

Semrush: Exposure of service tokens to webpack bundle

Service tokens were exposed in a webpack bundle during the build process due to environment variables being accidentally included in the webpack configuration file. A review found no evidence the exposed tokens were used by unauthorized parties...

MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability

A Security Feature Bypass vulnerability exists in the MSR JavaScript Cryptography Library that is caused by multiple bugs in the library’s Elliptic Curve Cryptography ECC implementation. An attacker could potentially abuse these bugs to learn information about a server’s private ECC key a key...

Hostinger Data Breach: 14M Customer Passwords, Personal Data at Risk

Web hosting company Hostinger is warning that a breach of one of its servers potentially gave bad actors access to the hashed passwords and personal data of more than 14 million customers. Hostinger, a popular web, cloud and virtual private server hosting provider and domain registrar with 29...

Feds Admit Not Doing Enough in ID Theft

An internal review has found that the Justice Department has not done enough to fight identity theft, the fastest-growing crime in the country. Justice Department Inspector General Glenn Fine says in a report that the department is falling short in efforts to combat identity theft, and that the...