EUVD-2014-5707

Malware in sbrugna...

EUVD-2014-3166

Malware in sbrugna...

schizoid-personality-disorder-test.okcupid-com.freecougardatingsite.com Cross Site Scripting vulnerability OBB-3355809

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Several Unpatched Popular Android Apps Put Millions of Users at Risk of Hacking

A number of high-profile Android apps are still using an unpatched version of Google's widely-used app update library, potentially putting the personal data of hundreds of millions of smartphone users at risk of hacking. Many popular apps, including Grindr, Bumble, OkCupid, Cisco Teams, Moovit,...

Flaws in OkCupid app could have exposed millions of user data to hackers

By Sudais Asif OkCupid app known as a popular dating platform has over 50 million registered users. This is a post from HackRead.com Read the original post: Flaws in OkCupid app could have exposed millions of user data to hackers...

OkCupid Security Flaw Threatens Intimate Dater Details

Researchers have discovered a slew of issues in the popular OkCupid dating app, which could have allowed attackers to collect users’ sensitive dating information, manipulate their profile data or even send messages from their profile. OkCupid is one of the most popular dating platforms worldwide,...

OkCupid Dating App Flaws Could've Let Hackers Read Your Private Messages

Cybersecurity researchers today disclosed several security issues in popular online dating platform OkCupid that could potentially let attackers remotely spy on users' private information or perform malicious actions on behalf of the targeted accounts. According to a report shared with The Hacker...

OkCupid Dating App Flaws Could've Let Hackers Read Your Private Messages

Cybersecurity researchers today disclosed several security issues in popular online dating platform OkCupid that could potentially let attackers remotely spy on users' private information or perform malicious actions on behalf of the targeted accounts. According to a report shared with The Hacker...

New Research on the Adtech Industry

The Norwegian Consumer Council has published an extensive report about how the adtech industry violates consumer privacy. At the same time, it is filing three legal complaints against six companies in this space. From a Twitter summary: 1. thread We are filing legal complaints against six...

Coffee Meets Bagel Dating App Warns Users of Breach

Popular dating app Coffee Meets Bagel has sent its users an email notifying them that their data may have been “acquired by an unauthorized party.” The news comes days after a massive database containing the information of around 6.2 million Coffee Meets Bagel users showed up on the Dark Web. Use...

Critical OkCupid Flaw Exposed Daters to App Takeovers

A critical flaw in the OkCupid app has been found that could allow a bad actor to steal credentials, launch man-in-the-middle attacks or completely compromise the victim’s application. This is separate from the OKCupid account-takeover incident reported earlier in the week, but it does fit the...

Exposed: Instagram, OKCupid, Mumsnet All Face Data Concerns

It has once again been busy on the data privacy/exposure front as the week kicks off, with Instagram, dating site OKCupid and the UK’s powerhouse discussion site, Mumsnet, all making recent news. A report on GDPR breach notifications rounds out the latest. First up, Instagram users are apparently...

okcupid.com XSS vulnerability

Open Bug Bounty ID: OBB-454832 Description| Value ---|--- Affected Website:| okcupid.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...

OkCupid Dating - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application OkCupid Dating published at the 'play' market has multiple vulnerabilities...

OkCupid OKWS Cross-Site Scripting Vulnerability

OkCupid OKWS OK Web Server is a web server for creating web services. A security vulnerability exists in the libahttp/err.c file of OkCupid OKWS, which originates from a non-existent page that does not adequately filter the 'PATHINFO' value. A remote attacker could use this vulnerability to injec...

CVE-2014-3148

Cross-site scripting XSS vulnerability in libahttp/err.c in OkCupid OKWS OK Web Server allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to a non-existent page, which is not properly handled in a 404 error page...

Cross site scripting

Cross-site scripting XSS vulnerability in libahttp/err.c in OkCupid OKWS OK Web Server allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to a non-existent page, which is not properly handled in a 404 error page...

CVE-2014-3148

CVE-2014-3148 is an XSS vulnerability in OkCupid OKWS (OK Web Server), originating from the libahttp/err.c handling of PATH_INFO for non-existent pages. A remote attacker can inject arbitrary web script/HTML by crafting a request to a non-existent page, exploiting improper filtering on the 404 er...

CVE-2014-3148

Cross-site scripting XSS vulnerability in libahttp/err.c in OkCupid OKWS OK Web Server allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to a non-existent page, which is not properly handled in a 404 error page...

OkCupid: An XSS bug was fixed due to my report, but I didn't submit it through the h1

I wasn't notified of the security process, and received no bounty. On Jan 08, 2015 at 01:22AM UTC OkCupid User Feedback wrote: don't hover over this if you put this on your profile and they hover over it, they will "like" your profile this can be used to execute arbitrary clientside code...