yozgat-rehberi.com Cross Site Scripting vulnerability OBB-2512198

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2014-7397

The CVE-2014-7397 entry applies to the Android app “ileri Gazetesi - Yozgat” (com.byfes.ilerigazetesi) 1.0, which does not verify X.509 certificates from SSL servers. Root cause: missing certificate validation in the app’s SSL/TLS handling. Impact: enables MITM attackers to spoof servers and obta...