Big Media [Source]
it-daily.net [Source]
Choiseul Magazine [Source]
Tech Wire Asia [Source]
Hartware.de [Source]
France Inter [Source]
Challenges [Source]
eCommerce-vision [Source]
The Daily Swig [Source]
Retail.at [Source]
Introduction Methodology Exploitation But why does this work? Vendor Response Remediation Advice Conclusion Introduction Often when performing application security research, we come across other researchers who have found critical vulnerabilities in software that can inspire us to dig deeper as well. This was the case when we read the blog...
TL;DR Jira is vulnerable to SSRF which requires authentication to exploit. There are multiple ways to create user accounts on Jira in order to exploit this issue depending on the configuration of the Jira instance. As an attack chain, it may be possible for an attacker to exploit this issue...
Summary Jira Core & Jira Service Desk are vulnerable to server-side request forgery after authenticating. In some cases, it is possible to leverage open sign ups in Jira Core or Jira Service Desk to exploit this server-side request forgery flaw without having known credentials. Impact The SSRF vulnerability allows attackers...
Introduction Once in a while, you come across the perfect storm of vulnerabilities that may be assessed as a medium risk on their own, but when combined they can lead to a critical impact. In this blog post, we detail our journey in auditing a network monitoring software called WhatsUp...
Summary The following vulnerabilities were discovered in Progress Ipswitch WhatsUp Gold: CVE-2022-29845: Local File Disclosure CVE-2022-29846: WhatsUp Gold Serial Number Disclosure CVE-2022-29847: Unauthenticated Server-Side Request Forgery (SSRF) CVE-2022-29848: Authenticated Server-Side Request Forgery (SSRF) The advisory from Progress can be found here. Impact When combined, these vulnerabilities lead to a critical...
Intro As part of our ongoing work on our Attack Surface Management platform we are continually researching new and relevant vulnerabilities. In some cases, we’ve experienced other talented researchers finding vulnerabilities in software we audited. This blog post attempts to trace the steps of someone else’s vulnerability research with the...
Introduction Let’s try this again Now, with added Kubernetes! Scanning & The Network Boundaries The Kubelet API: Git secrets redux Conclusion Introduction Following on from our 2nd story, we’ll be continuing the epic tale of our research into Cloudflare pages in this third installment. If you haven’t read part...
Introduction OrangeRa1n Jailbreak Conclusion Part 3 Introduction Following on from our 1st story, we’ll be continuing the epic tale of our research into Cloudflare pages in this second installment. If you haven’t read part 1, you can read it here. We pick up where we left off, after harvesting...
Introduction Overview of Cloudflare Pages 🤔 Diving Deeper into Cloudflare Pages The Treasure Map The CTF Command Injection in CLONE_REPO Command Injection in PUBLIC_ASSETS chmod 777 Path Injection Part 2 Introduction Before we get into this lengthy post, we’d like to thank both Cloudflare and HackerOne for working with...
Introduction What is dotCMS? Code Analysis Making a PoC Hacking a Bank Vendor Response Remediation Advice Conclusion The advisory for this issue can be found here. The CVE for this issue is CVE-2022-26352. The advisory from dotCMS can be found here. This security research was performed by Hussein Daher...
Node.js disclosed a bug submitted by bnoordhuis: https://hackerone.com/reports/1690000 [Source]
Node.js disclosed a bug submitted by vvx7: https://hackerone.com/reports/1675191 [Source]
Node.js disclosed a bug submitted by haxatron1: https://hackerone.com/reports/1630336 [Source]
Node.js disclosed a bug submitted by mhdawson: https://hackerone.com/reports/1695596 [Source]
Node.js disclosed a bug submitted by shacharm: https://hackerone.com/reports/1665156 [Source]
PortSwigger Web Security disclosed a bug submitted by xctzn: https://hackerone.com/reports/1677155 [Source]
Adobe disclosed a bug submitted by webcipher101: https://hackerone.com/reports/1656650 [Source]
Linktree disclosed a bug submitted by dewcode91: https://hackerone.com/reports/1718574 - Bounty: $600 [Source]
TikTok disclosed a bug submitted by tw4v3sx: https://hackerone.com/reports/1697599 - Bounty: $100 [Source]
Lark Technologies disclosed a bug submitted by snapsec: https://hackerone.com/reports/1074420 - Bounty: $500 [Source]
Lark Technologies disclosed a bug submitted by snapsec: https://hackerone.com/reports/1080700 - Bounty: $550 [Source]
Yelp disclosed a bug submitted by whitehacker18: https://hackerone.com/reports/1586524 [Source]
U.S. General Services Administration disclosed a bug submitted by ahmed0x0mahmoud: https://hackerone.com/reports/1700896 [Source]
Krisp disclosed a bug submitted by n0_m3rcy: https://hackerone.com/reports/1670304 - Bounty: $100 [Source]
Hyperledger disclosed a bug submitted by shakedreiner: https://hackerone.com/reports/1705717 - Bounty: $2000 [Source]
Lark Technologies disclosed a bug submitted by imran_nisar: https://hackerone.com/reports/1335070 - Bounty: $750 [Source]
Lark Technologies disclosed a bug submitted by imran_nisar: https://hackerone.com/reports/1533220 - Bounty: $500 [Source]
Lark Technologies disclosed a bug submitted by imran_nisar: https://hackerone.com/reports/728199 - Bounty: $1000 [Source]
Stripe disclosed a bug submitted by mr_asg: https://hackerone.com/reports/1685970 - Bounty: $13000 [Source]
Stripe disclosed a bug submitted by gregxsunday: https://hackerone.com/reports/1369191 - Bounty: $500 [Source]
U.S. General Services Administration disclosed a bug submitted by toormund: https://hackerone.com/reports/1218461 [Source]
Stripe disclosed a bug submitted by sim4n6: https://hackerone.com/reports/1580495 - Bounty: $500 [Source]
Stripe disclosed a bug submitted by mustafa_farrag: https://hackerone.com/reports/1560149 - Bounty: $1500 [Source]
Stripe disclosed a bug submitted by mr_asg: https://hackerone.com/reports/1677541 - Bounty: $1000 [Source]
Automattic disclosed a bug submitted by ug0x01: https://hackerone.com/reports/1679276 [Source]
Adobe disclosed a bug submitted by dreamer_eh: https://hackerone.com/reports/1736378 [Source]
Lark Technologies disclosed a bug submitted by imran_nisar: https://hackerone.com/reports/794904 - Bounty: $500 [Source]
Lark Technologies disclosed a bug submitted by imran_nisar: https://hackerone.com/reports/890209 - Bounty: $500 [Source]
Lark Technologies disclosed a bug submitted by imran_nisar: https://hackerone.com/reports/804534 - Bounty: $500 [Source]
TikTok disclosed a bug submitted by f15: https://hackerone.com/reports/1562020 - Bounty: $100 [Source]