CVE-2023-27587

ReadtoMyShoe, a web app that lets users upload articles and listen to them later, generates an error message containing sensitive information prior to commit 8533b01. If an error occurs when adding an article, the website shows the user an error message. If the error originates from the Google...

PT-2024-34704 · Wave 2.0 · Wave 2.0

Name of the Vulnerable Software and Affected Versions: Wave 2.0 Description: This issue is caused by improper exception handling for invalid inputs at a certain API endpoint. An authenticated remote attacker could exploit this by providing invalid inputs for the userId parameter in the API reques...