101 matches found
Groundbreaking Integration: Stellar Cyber Safeguards OT Environments Alongside IT
By Waqas Stellar Cyber, a cybersecurity company that specializes in providing an Open XDR Extended Detection and Response platform, has… This is a post from HackRead.com Read the original post: Groundbreaking Integration: Stellar Cyber Safeguards OT Environments Alongside IT...
WordPress Stellar Places Plugin <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)
Software Stellar Places Type Plugin Vulnerable versions = 1.0.7 Fixed in 1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 7cb29a8636b0 Credits Rafie Muhammad Patchstack Required...
Stellar Cyber Launches InterSTELLAR Partner Program for Open XDR Solutions
By Owais Sultan Stellar Cyber, the company that recently made headlines as one of the "10 Hot XDR Security Companies You… This is a post from HackRead.com Read the original post: Stellar Cyber Launches InterSTELLAR Partner Program for Open XDR Solutions...
Stellar Repair for Access – Software Review
By Owais Sultan If your MS Access database is corrupted or is in an inconsistent state, you can use the Compact… This is a post from HackRead.com Read the original post: Stellar Repair for Access – Software Review...
Hands-on Review: Stellar Cyber Security Operations Platform for MSSPs
As threat complexity increases and the boundaries of an organization have all but disappeared, security teams are more challenged than ever to deliver consistent security outcomes. One company aiming to help security teams meet this challenge is Stellar Cyber. Stellar Cyber claims to address the...
Barmak Meftah Joins Stellar Cyber, Innovator of Open XDR, as Board Advisor
By Waqas Barmak Meftah is joining the innovator of Open XDR, Stellar Cyber in a new advisory role. What does… This is a post from HackRead.com Read the original post: Barmak Meftah Joins Stellar Cyber, Innovator of Open XDR, as Board Advisor...
stellar.io Cross Site Scripting vulnerability OBB-2705649
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
js-stellar-sdk authorization issue vulnerability
js-stellar-sdk is an application. A Javascript library for communicating with the Stellar Horizon server. A security vulnerability exists in Js-stellar-sdk versions prior to 8.2.3, which stems from the program's "Utils.readChallengeTx" function not verifying that the server has signed the...
Insecure Signature Verification
stellar-sdk uses insecure signature verification.The function Utils.readChallengeTx fails to verify that the transactions are signed by serverAccountID, allowing invalid challenge transactions as valid ones...
Improper Authentication
Overview The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the serverAccountID has signed the transaction. The function does not verify that the server ha...
@1llet.xyz/erc4337-gasless-sdk (>=0.4.10 <=0.4.73), @adebaraayomide/synchro_sdk (>=0.0.3 <=0.1.0-synchro-sdk) +209 more potentially affected by CVE-2021-32738 via stellar-sdk (>=0.10.0 <=7.0.0)
stellar-sdk NPM version =0.10.0, =0.4.10, =0.0.3, =3.8.0, =1.0.0, =0.7.0, =1.0.0, =0.0.0-semantic-release-managed, =0.0.0-semantic-release-managed, =0.0.0-semantic-release-managed, =0.0.0-semantic-release-managed, =2.0.73-alpha.212 and more Source cves: CVE-2021-32738 Source advisory:...
GHSA-6CGH-HJPW-Q3GQ Utils.readChallengeTx does not verify the server account signature
The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the serverAccountID has signed the transaction. The function does not verify that the server has signed...
Utils.readChallengeTx does not verify the server account signature
The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the serverAccountID has signed the transaction. The function does not verify that the server has signed...
CVE-2021-32738
js-stellar-sdk is a Javascript library for communicating with a Stellar Horizon server. The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the...
CVE-2021-32738
js-stellar-sdk is a Javascript library for communicating with a Stellar Horizon server. The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the...
Design/Logic Flaw
js-stellar-sdk is a Javascript library for communicating with a Stellar Horizon server. The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the...
CVE-2021-32738
CVE-2021-32738 affects the js-stellar-sdk library used to interact with Stellar Horizon. The vulnerability lies in Utils.readChallengeTx, which, before version 8.2.3, did not verify that the server signature was present on the challenge transaction; however, signature verification via Utils.verif...
CVE-2021-32738 Utils.readChallengeTx does not verify the server account signature
js-stellar-sdk is a Javascript library for communicating with a Stellar Horizon server. The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the...
js-stellar-sdk 数据伪造问题漏洞
js-stellar-sdk is an application. A Javascript library for communicating with the Stellar Horizon server. A security vulnerability exists in Js-stellar-sdk versions prior to 8.2.3, which stems from the program's "Utils.readChallengeTx" function not verifying that the server has signed the...
Software Review: Stellar Repair for Exchange
By Owais Sultan When disaster strikes in the Exchange server, you must have a contingency plan in place to recover from it quickly. This is a post from HackRead.com Read the original post: Software Review: Stellar Repair for Exchange...