13 matches found
CVE-2026-23722 WeGIA has a Reflected Cross-Site Scripting (XSS) vulnerability allowing arbitrary code execution and UI redressing.
WeGIA is a Web Manager for Charitable Institutions. Prior to 3.6.2, a Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the WeGIA system, specifically within the html/memorando/inseredespacho.php file. The application fails to properly sanitize or encode user-supplied input via t...
WeGIA Cross-Site Script Vulnerabilities
WeGIA is a network manager for welfare institutions developed by Nilson Lazarin as an individual project. Versions of WeGIA prior to 3.6.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper cleaning of the idmemorando parameter in the...
GO-2024-3088 memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos
memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos...
23andMe data breach under joint investigation in two countries
The British and Canadian privacy authorities have announced they will undertake a joint investigation into the data breach at global genetic testing company 23andMe that was discovered in October 2023. On Friday October 6, 2023, 23andMe confirmed via a somewhat opaque blog post that cybercriminal...
It’s time to bite the bullet for more secure software
On September 14, 2022, the Office of Management and Budget (OMB) released their M-22-18 memorandum on "Enhancing the Security of the Software Supply Chain through Secure Software Development Practices." This document builds upon previous government documents such as Executive Order (EO) 14028...
CISA Requests Public Comment on CISA’s TIC 3.0 Cloud Use Case
CISA has released Trusted Internet Connections (TIC) 3.0 Cloud Use Case for public comment. TIC is a federal cybersecurity initiative intended to secure federal data, networks, and boundaries while providing visibility into agency traffic, including cloud communications. TIC use cases provide...
CISA Releases Final Version of Guidance: IPv6 Considerations for TIC 3.0
CISA has released the final version of Internet Protocol version 6 (IPv6) Considerations for Trusted Internet Connections (TIC) 3.0. This guidance supports the federal government-wide deployment and use of the modernized network protocol. The final version includes feedback provided during the public...
Federal Agencies to Move to HTTPS-Only Connections
Following the lead of many major Web services, the White House on Monday announced that it would move all of the federal government’s public sites and services to HTTPS-only. Tony Scott, the federal CIO, has issued a memorandum to all federal agencies and departments instructing them to move all ...
SCO Multi-channel Memorandum Distribution Facility Multiple Vulnerabilities
No description provided by source. Source: http://www.securityfocus.com/bid/10758/info It has been reported that the SCO Multi-channel Memorandum Distribution Facility (MMDF) is affected by multiple vulnerabilities. These issues are due to a failure of the utility to properly validate buffer...
Edward Snowden obtained classified NSA documents by stealing Coworker’s Password
We are quite aware of the leaks that the Whistleblower Edward Snowden carried out against the US National Security Agency (NSA) and after reading every related update, watching every document that he provided to various news websites, you all are left with a question in mind that, How he could carr...
DHS, NIST, Financial Services Group Form Security Research Partnership
As the finger-pointing and name-calling surrounding the WikiLeaks issue continue in Washington, the White House this week facilitated a cooperative agreement among several key public and private organizations designed to spur joint information security research projects. On Tuesday, the Obama...
SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities
Source: https://www.securityfocus.com/bid/10758/info It has been reported that the SCO Multi-channel Memorandum Distribution Facility (MMDF) is affected by multiple vulnerabilities. These issues are due to a failure of the utility to properly validate buffer boundaries when copying user-supplied...
SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities
Source: https://www.securityfocus.com/bid/10758/info It has been reported that the SCO Multi-channel Memorandum Distribution Facility (MMDF) is affected by multiple vulnerabilities. These issues are due to a failure of...