Vulnerabilities (Page 14)

SSRF Cross Protocol Redirect Bypass

When using the ssrfFilter library in conjunction with the Request library in JavaScript, there is a bug that can result in the SSRF filter being disabled. The anti-SSRF library, ssrfFilter, works by creating its own object that can be used in place of Node’s default request agent for http/https requests…

 

EmojiDeploy: Smile! Your Azure Web Service Got RCE’d ._.

A few vulnerabilities in Azure Web Services via the Kudu Git repo manager used for git deployments. Kudu exports a source control management (SCM) portal that can be accessed if you’re authenticated into the instance through Azure Active Directory (AAD), which allows you to manage your web app…

 

Unauthorized access to organization secrets in GitHub

An information disclosure in GitHub through the Security Advisories feature. GitHub allows maintainers to draft public advisories, and in doing so you can create a temporary private fork to collaborate on and review fixes without disclosing them publicly…