CVE-2024-46081

Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS. An authenticated user can craft malicious payloads in the To-Do List. The assigned user will trigger a stored XSS, which is particularly dangerous because tasks are assigned to various users on the platform...

Employee Task Management System v1.0 - SQL Injection Vulnerability

Exploit Title: Employee Task Management System v1.0 - SQL Injection on task-details.php?taskid=? Exploit Author: Muhammad Navaid Zafar Ansari CVE Assigned: CVE-2023-0904 mitre.org, nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Employee Task Management System Version:...

Gamification Can Transform Company Cybersecurity Culture

Chief information security officers CISOs of Global 2000 enterprises have one of the toughest jobs in the world, defending their organization’s cyberspace and being the guardian of its assets and private information. But CISOs also have a second, even bigger problem: Their own company employees...

User receives an email even though they don't have access to the page where a task was unassigned

h3. Steps to reproduce: Find/Create a space that has restricted view access Create a page and assign a task to a user that doesn't have view access to the page. Save the page. User does not receive an email, and the task does not show up in the user's to-do correct behavior Edit the page and...