This was a really cool XSS filter bypass due to a parsing differential between PHP's multibyte string functions: `mb_strpos` and `mb_substr` when dealing with invalid UTF-8 sequences.
Just another caching issue; this time we've got a GraphQL API that is being used to serve some static files/content. Those requests that should be cached include a `reqIdentifier` parameter in the URL that acts as the cache key...
The key vulnerability discovered is a relative heap out-of-bounds write in the parsing of MDL files within CS:GO.
Kinda a cool bug dealing with an improper optimization and the usage of an unexpected object from JS, leading to an out-of-bounds access.
Not something we usually end up covering, but a `chrome://` page XSS, and escaping the browser sandbox with an extension.
What happens when you don't properly validate OAuth access tokens? Account takeovers.
I thought this was an excellent post when it came to explaining the exploitation strategy, and as it dealt with encrypted pointers, the exploitation was pretty cool to see documented. However, I did have some problems following the actual vulnerability details.
At its core, this is pretty easy to understand, and isn't especially novel, but it is an interesting area, stealing cars, so worth covering. The core problem is simply that inside of a modern vehicle you have the Controller Area Network Bus (CAN Bus)...
At its core, we have a simple mistake that can be made pretty easily on all of the cloud platforms, though this post focuses on Azure App Services and Azure Functions. Being able to easily add authentication to your apps on either is nice, but they can easily be misconfigured...
The XSS here is fairly basic: attacker-controlled data reflected without sanitization. What's a bit more interesting is the input source: plugin metadata processed by the global Jenkins Update Center. There is a bit of a process to getting plugins listed in the Update Center: a PR is submitted and the first plugin needs to be manually approved, though the authors note that this is mostly a procedural thing...