31 matches found
CVE-2023-47168 Open redirect in /oauth/<service>/mobile_login?redirect_to=
Mattermost fails to properly check a redirect URL parameter, allowing an open redirect when the user clicks "Back to Mattermost" after providing an invalid custom URL scheme in /oauth/<service>/mobile_login?redirect_to=...
Mattermost Input Validation Error Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an open redirect vulnerability that occurs when a user clicks "Back to Mattermost" after providing an invalid custom URL scheme in /oauth/<service>/mobile_login?redirect_to=, which...
ionic-simple-lockscreen-md5 (=0.0.7), ons-mobile-login (=0.0.136) potentially affected by CVE-2021-43849 via cordova-plugin-fingerprint-aio (=1.7.0)
cordova-plugin-fingerprint-aio NPM version =1.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on cordova-plugin-fingerprint-aio and may be impacted: - ionic-simple-lockscreen-md5 =0.0.7 - ons-mobile-login =0.0.136 Source cves: CVE-2021-43849 Source...
SQL Injection Vulnerability in the Login Page of the Foshan Tiema Software Co., Ltd. Tiema Mobile Phone Query System
Foshan Tiema Software Co., Ltd. is a high-tech software company specializing in enterprise information management engineering, providing personalized solutions for different types of enterprises. Foshan Tiema Software Co., Ltd. Tiema mobile phone query system login page SQL injection...
This Flaw Could Have Allowed Hackers to Hack Any Instagram Account Within 10 Minutes
Watch out! Facebook-owned photo-sharing service has recently patched a critical vulnerability that could have allowed hackers to compromise any Instagram account without requiring any interaction from the targeted users. Instagram is growing quickly—and with the most popular social media network ...
santacruzcoffee.e-beans.net XSS vulnerability
Open Bug Bounty ID: OBB-462706

| Description | Value |
|---|---|
| Affected Website: | santacruzcoffee.e-beans.net |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |
store.switchbackvt.com XSS vulnerability
Open Bug Bounty ID: OBB-462704

| Description | Value |
|---|---|
| Affected Website: | store.switchbackvt.com |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |
shop.vigilantecoffee.com XSS vulnerability
Open Bug Bounty ID: OBB-462691

| Description | Value |
|---|---|
| Affected Website: | shop.vigilantecoffee.com |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |
shop.damicocoffeeroasters.com XSS vulnerability
Open Bug Bounty ID: OBB-462428

| Description | Value |
|---|---|
| Affected Website: | shop.damicocoffeeroasters.com |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |
Expression injection vulnerability in e-mobile platform login.do page of Shanghai Panmicro Network Technology Co.
e-mobile is Panmicro's mobile office product for cell phones, tablets and other mobile terminals. An expression injection vulnerability exists in the login.do page of the e-mobile platform of Shanghai Panmicro Network Technology Co. The vulnerability allows an attacker to remotely execute...
www2.esynchrony.com.hk XSS vulnerability
Vulnerable URL: https://www2.esynchrony.com.hk/mobile/index.php?login=1=15〈=1&country2;=2=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E

Details:

| Description | Value |
|---|---|
| Patched: | Yes, at 26.07.2017 |
| Latest check for patch: | 26.07.2017 11:48 GMT |
| Vulnerability type: | XSS |
| Vulnerability status: | ... |