sncft.com.tn Cross Site Scripting vulnerability OBB-3953595
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Introducing the Rapid7 Command Platform
Integrated Security Operations for the Next-Generation Attack Surface. As cybercrime and attack surfaces have sprawled, Rapid7 has been able to grow with our customers because we are relentlessly focused on relevance. The way we see it, relevance doesn’t mean aligning to market definitions of...
Microsoft Bounty Program Year in Review: $16.6M in Rewards
We are excited to announce that this year the Microsoft Bounty Program has awarded $16.6M in bounty awards to 343 security researchers from 55 countries, securing Microsoft customers in partnership with the Microsoft Security Response Center (MSRC). Each year we identify over a thousand potential...
tennisplanet.de Cross Site Scripting vulnerability OBB-3953534
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
eduteka.icesi.edu.co Cross Site Scripting vulnerability OBB-3953358
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
icel.com.br Cross Site Scripting vulnerability OBB-3953228
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
HackerOne: Access to limited confidential information of private program as a Ex-reporter, Report Participant(external user) & Ex-staff member
The report described a vulnerability that allowed access to limited confidential information of a private program by ex-reporters, report participants, and ex-staff members of the program. The vulnerability was due to an endpoint that exposed details about the private program, including its...
[SECURITY] Fedora 40 Update: hostapd-2.11-1.fc40
hostapd is a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server. hostapd is designed to be a "daemon" program that runs in the background and acts as the backen...
chiensetchats-perdu.com Cross Site Scripting vulnerability OBB-3953026
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2024-41519
Feripro /zuordnung/veranstaltungen/" through the "school" input field...
CVE-2024-41518
An Incorrect Access Control vulnerability in "/admin/programm//export/statistics" in Feripro = v2.2.3 allows remote attackers to export an XLSX file with information about registrations and participants...
artinasia.com Cross Site Scripting vulnerability OBB-3952952
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
classmgmt.com Cross Site Scripting vulnerability OBB-3952796
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2024-29437 · Feripro · Feripro
Name of the Vulnerable Software and Affected Versions: Feripro versions prior to 2.2.4. Description: The issue concerns a Cross Site Scripting (XSS) vulnerability. It can be exploited via the "/admin/programm//zuordnung/veranstaltungen/" endpoint through the school input field. Recommendations: For...
Wordfence Intelligence Weekly WordPress Vulnerability Report (July 22, 2024 to July 28, 2024)
Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the rest...
jozsefvarosanno.ucoz.com Cross Site Scripting vulnerability OBB-3952443
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
How To Get the Most From Your Security Team's Email Alert Budget
We'll TL;DR the FUDdy introduction: we all know that phishing attacks are on the rise in scale and complexity, that AI is enabling more sophisticated attacks that evade traditional defenses, and the never-ending cybersecurity talent gap means we're all struggling to keep security teams fully...
CVE-2024-41047
In the Linux kernel, the following vulnerability has been resolved: "i40e: Fix XDP program unloading while removing the driver". The commit 6533e558c650 "i40e: Fix reset path while removing the driver" introduced a new PF state "I40EINREMOVE" to block modifying the XDP program while the driver is...
Empowering WordPress Bug Bounty Hunters: Meet the New Wordfence Bug Bounty Program Researcher Dashboard
Today, we are very excited to announce the launch of our brand-new researcher dashboard for the Wordfence Bug Bounty Program! One frequent request we received from our researchers was to have a way to manage and track all their vulnerability submissions in a single location, and we’re delivering...