Rockstar Games: Stored XSS with CRLF injection via post message to user feed
In this report, the researcher was able to demonstrate a Stored XSS vulnerability in User Feeds. This vulnerability leveraged CRLF injection in order to bypass existing filters and execute the payload. With their help we were able to improve our filtering and sanitization rules in order to preven...
Open-Xchange OX AppSuite 7.8.0 XSS / Open Redirect
Product: OX AppSuite; Vendor: Open-Xchange GmbH; Internal reference: 44542 Bug ID; Vulnerability type: Cross Site Scripting CWE-80; Vulnerable version: 7.8.0 and earlier; Vulnerable component: frontend; Report confidence: Confirmed; Solution status: Fixed by Vendor; Fixed versions: 7.6.2-rev40, 7.6.3-rev...