CVE-2019-20903 (editor-core)
The hyperlinks functionality in atlaskit/editor-core in before version 113.1.5 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in link targets.
Month: September 2020
CVE-2019-20903
The hyperlinks functionality in atlaskit/editor-core in before version 113.1.5 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in link targets.
CVE-2019-20902
Upgrading Crowd via XML Data Transfer can reactivate a disabled user from OpenLDAP. The affected versions are from before version 3.4.6 and from 3.5.0 before 3.5.1.
2020 DevSecOps Community Survey from Sonatype
submitted by /u/ScottContini [link] [comments]Post Source
The No Good, Very Bad Week for Iran’s Nation-State Hacking Ops
A look at the state of Iran’s cyber operations as the US puts the squeeze on it with a pile of indictments and sanctions.
Forcing Firefox to Execute XSS Payloads during 302 Redirects
submitted by /u/movr0spblxr2 [link] [comments]Post Source
CertAlert – A tool to monitor SSL/TLS certs
submitted by /u/nz_kereru [link] [comments]Post Source
Coinbase doubles down on anti-politics stance with exit package offer
“Most employees don’t want to work in these divisive environments,” CEO wrote.
House Passes Bills to Boost Emerging Tech and Shore Up Cybersecurity of Electric Sector
Lawmakers are calling for significant research and development efforts.