Posts tagged 'Bounty Podcast'

Several easy issues this week from leaking envrionment variables, to gaining host code execution and an XSS to RCE.

We've got some cloud issues this week, in Azure Automation and GKE Autopilot along with a couple other interesting chains.

A few interesting issues you this week, a JS race condition in some auth related code for Facebook, some fake prepared queries, and a RCE through sed commands (in pfSense)

Re-accessing the stup page, an unlikely scenario leaking Github Secrets, and a proxying issue in Carbon Black.

Lets talk about "sidedoors" this week, with two vulnerabilities abusing alternative access points, along with an overly verbose error message that actually had some immediate impact, and a look at the challenges of client-sided session.

CSRF lives again in the form of CORF, Cross-Origin Request Forgery with an attack against Grafana. We also take a look at some baby monitor issues and a de-anonymization attack against Twitter.

A "maybe" issue this week in Ruby's net/http library, some long chains leading to XSS, and a look at abusing parameter injection for SSRF in applications integrating with the Google Drive API.

A few unique issues this week, routing issues in ManageEngine, a Little Snitch bypass, an undecodable characters leading to a denial of service.

A new security-related humble bundle, MFA bypass in Box, and a a few older style vulnerabilities: lfi2rce, allow-list bypass with an @ sign, and insecure random number seeds.

This week is a shorter episode looking at some bad code in mermaid.js and Moodle's Shibboleth plugin, and a bit of research regarding URL parsing issues.