Vulnerabilities tagged "web"

Though perhaps an accidental find by Abhi Sharma it is a great one none-the-less. With a race-condition leading to the bypass of a MFA check.

A somewhat odd vulnerability in Adobe Coldfusion, where it would take an attacker controllable `classname` parameter and use it to compile Coldfusion code on the fly to render in the response.If the `classname` didn't match a valid Coldfusion Class, it would treat the it as a path to a Coldfusion template...

Dynamic typing strikes again! Once again some fun stuff can happen when passing in an array where a string is expected.

Authentication Bypass in Apache's OFBiz by including a the GET param `requirePasswordChange=Y` using this will simply bypass the need to authenticate due to some mishandling of errors.

Honestly, this is a simple bug, a react website, wiht source maps, so easy to find API endpoints the application calls.Upon examination one of them did not require any authentication, the event stream publishing events from the cameras in a redacted teleommunications company office...

This one starts off with a fun mass-assignment issue.Early on in the processing chain of a HTTP request to CrushFTP's web interface it will parse all the HTTP headers into a Java `Properties`object...

This vulnerability impacts kubernetes setups using NGINX as the ingress controller via [ingress-nginx](https://github.com/kubernetes/ingress-nginx). At first I wanted to blame this one on block-listing when they should have used an allow-list, but its not quite that, but it is basically just a missed edge-case that allows for code execution.

Not something we usually end up covering, but a `chrome://` page XSS, and escaping the browser sandbox with an extension.

Normalization gone wrong, Mastodon, when attempting to normalize a domain would intend to remove any trailing `/`from it, however they did this using `.delete("/")` which removes all `/` characters from the string instead of just a trailing `/`. This meant that someone could use an account like `someone@mastodon.so/cial` to spoof the account `someone@mastodon.social`.

A request smuggling to global cache poisoning chain impacting Akami Edge nodes in front of an F5 BigIP server.