blockisec
blockisec
The swagger-ui which is used by docsy is outdated and prune to a DOM XSS vulnerability.
[How to file a helpful issue](https://www.qubes-os.org/doc/issue-tracking/) ### Qubes OS release Qubes release 4.1.1 (R4.1) ### Brief summary After the latest update of dom0 audio is either not working at all,...
The application allows users to download files. The `filepath` parameter is vulnerable to a path traversal resulting in reading/downloading arbitrary files from the server. ```http POST /api/v1/users/file/download?filepath=./../../../../../etc/passwd HTTP/1.1 Host: localhost:5000...
The password reset endpoint (`/api/v1/users/resetpassword`) allows any unauthenticated user to change passwords of any other user by just incrementing the `id` JSON parameter. ``` POST /api/v1/users/resetpassword HTTP/1.1 Host: localhost:5000 Content-Length:...
An attacker can upload files to any location on the server. The following request creates a text file in `/etc/hacked.txt`. ```http POST /api/v1/users/file/upload HTTP/1.1 Host: localhost:5000 Content-Length: 608 Pragma: no-cache...
The application does not properly filter the `path` JSON parameter in the `/api/v1/users/file/delete` endpoint. This results in arbitrary file deletion. ``` DELETE /api/v1/users/file/delete HTTP/1.1 Host: localhost:5000 Content-Length: 57 Pragma: no-cache...
Currently ServiceScan plugins can only run per protocol (nmap result). It would give a bigger flexibility if plugins could depend on the result/patterns of other ServiceScan plugins. To workaround this...
### The problem you are addressing? A user should be able to receive notifications of various actions in the application and optionally by mail. ### The Solution you would like...
### The problem you are addressing? retesting of vulnerabilities. ### The Solution you would like The model field `date_retested` is already part of the vulnerability model. The field `retested_comment` needs...