Google Alert - site: portswigger.net/daily-swig/vulnerabilities

High-impact vulnerability in DrayTek routers leaves thousands of SMEs open to exploitation

A critical security vulnerability impacting DrayTek Vigor routers … The Daily Swig has asked the researchers if they have seen a reduction in … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/high-impact-vulnerability-in-draytek-routers-leaves-thousands-of-smes-open-to-exploitation&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AOvVaw2AH0hou83z5WZYvTF_ZmeF

XSS in Gmail’s AMP For Email earns researcher $5,000 | The Daily Swig – PortSwigger

A cross-site scripting (XSS) vulnerability in AMP for Email, Gmail’s dynamic email feature, has netted a security researcher a $5,000 bug bounty … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/xss-in-gmails-amp-for-email-earns-researcher-5-000&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AOvVaw1GkrWIX9asu462PApCzH5E

Chromium site isolation bypass allows wide range of attacks on browsers | The Daily Swig

The security weakness opens the door to a number of exploits including stealing private information, reading and modifying cookies, and gaining access … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/chromium-site-isolation-bypass-allows-wide-range-of-attacks-on-browsers&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AOvVaw3evtZ_nHSZMhE49fhL9EJt

ParseThru: HTTP parameter smuggling flaw uncovered in several Go applications

HTTP parameter smuggling vulnerability uncovered in several Go applications … GoLang - or Go - uses the ‘net/url’ library to parse URLs and, … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/parsethru-http-parameter-smuggling-flaw-uncovered-in-several-go-applications&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AOvVaw3_3Lr5rdOAuw1gWfrrVCm4

Swiss government announces upcoming launch of federal bug bounty program

The project returned a total of 10 vulnerabilities, including one … Sandro Nafzger, CEO and co-founder, told The Daily Swig: “We are very proud … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/swiss-government-announces-upcoming-launch-of-federal-bug-bounty-program&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AOvVaw0Vw9QJ3h5LOnsQ9-4L-ZhT

Jenkins security: Unpatched XSS, CSRF bugs included in latest plugin advisory

Stored cross-site scripting (XSS) flaws were also discovered in the … Jenkins security officer Wadeck Follonier told The Daily Swig: “The main … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/jenkins-security-unpatched-xss-csrf-bugs-included-in-latest-plugin-advisory&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AOvVaw0WlVJIwESNDrsBsYWFBTaO

Trio of XSS bugs in open source web apps could lead to complete system compromise

Evolution CMS, FUDForum, and GitBucket vulnerabilities chained for … Web security researcher Aleksey Solovev told The Daily Swig that this … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/trio-of-xss-bugs-in-open-source-web-apps-could-lead-to-complete-system-compromise&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AOvVaw00o-_cLvOOrPAj4VqUHOYE

CompleteFTP path traversal flaw allowed attackers to delete server files | The Daily Swig

“This vulnerability allows remote attackers to delete arbitrary files on affected installations of EnterpriseDT CompleteFTP server,” a security … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/completeftp-path-traversal-flaw-allowed-attackers-to-delete-server-files&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AOvVaw0_oqRk6lppmWGNlkz_1e79

XSS vulnerabilities in Google Cloud, Google Play could lead to account hijacks

Reflected XSS and DOM-based XSS bugs net researchers $3000 and $5000 bug … The researcher told The Daily Swig that they “don’t think the same … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/xss-vulnerabilities-in-google-cloud-google-play-could-lead-to-account-hijacks&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AOvVaw1w4mX0_ngqWXnQivr1703o

Bug Bounty Radar // The latest bug bounty programs for August 2022 | The Daily Swig

Full application details can be found on the UIDAI website. … Only vulnerabilities discovered in the company’s main web domain, sidefx.com, … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/bug-bounty-radar-the-latest-bug-bounty-programs-for-august-2022&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AOvVaw2zT3qV5080mqeojv2OBrH-
