CVE-2019-1458

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka ‘Win32k Elevation of Privilege Vulnerability’. Recent assessments: gwillcox-r7 at October 19, 2020 5:31pm UTC reported: Known as WizardOpium for its use in the...

Localize: Uninitialized variable error message leaks information

An uninitialized variable $alert at line 630 in index.php shows an error message. This happens after a POST /pages/createproject. The error message does not appear in the browser because the user is redirected to the new project immediately, but it is there in the HTTP response see error.png. Thi...