b3log Symphony (aka Sym) 2.2.0 does not properly address XSS in JSON objects, as demonstrated by a crafted userAvatarURL value to /settings/avatar, related to processor/AdminProcessor.java, processor/ArticleProcessor.java, processor/UserProcessor.java, service/ArticleQueryService.java, service/AvatarQueryService.java, and …
Cloud and related technologies are shaking up the roles of traditional resellers and service providers but Citrix insists channel firms remain a vital part of its go-to-market approach. It’s revamping …
Amazon said it will offer a fix for its Amazon Key delivery service that allows hackers to tamper with a home security camera. …
The code hosting service GitHub warns developers when including certain flawed software libraries in their projects and suggests fixes to solve the issues.
Dell Active Roles versions 7.1, 7.0.4, 7.0.3, 7.0.2, and 7.0 suffer from an unquoted service path privilege escalation vulnerability. …
In Opencast 2.2.3 and older, if user names overlap, the Opencast search service used for publication to the media modules and players will handle the access control incorrectly so that …
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. A denial of service may occur. …