CommuniGatePro 6.1.16 Cross Site Scripting Vulnerability

CommuniGatePro version 6.1.16 suffers from multiple stored cross site scripting vulnerabilities. Exploit Title: CommuniGatePro webmails Multiple Stored XSS Exploit Author: Boumediene KADDOUR Unit: Algerie Telecom R&D Unit Vendor Homepage: https://www.stalker.com/ Software Link:...

Firefox wyciwyg:// cache zone bypass

There is an interesting vulnerability in how Mozilla Firefox handles internal wyciwyg:// pseudo-URIs. These cache-related resource identifiers are meant to be inaccessible by the user - but there are at least three routes to bypass these restrictionss, one of which - HTTP 302 redirect - also...