2 matches found
Nextcloud: [Reflected XSS] In Request URL
In index.php file on 1765 we can see XSS: " Because NextCloud allow links like: '/index.php/ANYCONTENT' If we will do request like: POST /updater/index.php/h"alert1; HTTP/1.1 Host: vulns.local Content-Type: application/x-www-form-urlencoded Content-Length: 33 updater-secret-input=OURSECRET We wil...
[SECURITY] Fedora 27 Update: electrum-3.0.5-1.fc27
Electrum is an easy to use Bitcoin client. It protects you from losing coins in a backup mistake or computer failure, because your wallet can be recovered from a secret phrase that you can write on paper or learn by heart. There is no waiting time when you start the client, because it does not...