3 matches found
Design/Logic Flaw
An issue has been discovered in GitLab EE affecting all versions starting from 14.1 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for EE-licensed users to link any security policy project by its ID to projects or group...
Cross site scripting
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due to an overly permissive cross-domain policy. IBM X-Force ID: 196334...
HackerOne: Information leakage of private program
Hello team, I noticed an issue in Directory where information of a soft-launched program is getting disclosed! I made this request as an unauthenticated user, http GET /programs/search?query█████████&sort=publishedat%3Adescending&page=1 HTTP/1.1 Host: hackerone.com User-Agent: Mozilla/5.0 Windows NT...