brand-resources.mcmaster.ca Cross Site Scripting vulnerability OBB-3764822

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

brand-resources.mcmaster.ca Cross Site Scripting vulnerability OBB-3260780

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

nickmcmaster.com Cross Site Scripting vulnerability OBB-2125347

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

avenue.mcmaster.ca Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1190710 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

lalashan.mcmaster.ca XSS vulnerability

Vulnerable URL: http://lalashan.mcmaster.ca/theobio/worden/thumb.php?f=xssposed%23%3Cbody%09onload=confirm%28String.fromCharCode%2888,83,83,80,79,83,69,68%29%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:|...

CVE-2014-6798

CVE-2014-6798 affects the Android application McMaster Marauders (package com.weever.marauders) v1.0.1. The vulnerability is in the app’s SSL/TLS certificate verification: it does not verify X.509 certificates from SSL servers. Root cause: the client fails to validate server certificates, enablin...

CVE-2014-6798

The McMaster Marauders aka com.weever.marauders application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...