3 matches found
PT-2024-22284 · Phoenix Contact · Phoenix Contact Charx Sec-3100
Name of the Vulnerable Software and Affected Versions: Phoenix Contact CHARX SEC-3100 versions up to 1.5.1 Description: An unauthenticated remote attacker can extract a session token with a Man-in-the-Middle MitM attack and gain web-based management access with the privileges of the currently...
NVIDIA DGX Security Vulnerability
NVIDIA DGX is a high-performance workstation for deep learning applications from NVIDIA. The NVIDIA DGX H100 suffers from a security vulnerability that stems from a security flaw in the KVM service that allows an unauthenticated attacker to cause session token leakage to other users by observing...
U.S. Dept Of Defense: Blind stored XSS due to insecure contact form at https://█████.mil leads to leakage of session token and
Summary: I have discovered a blind stored cross site scripting vulnerability due to an insecure Contact form available here https://███████.mil/ This form does not properly sanitize user input allowing for the insertion and submission of dangerous characters such as angle brackets. I was able to...