[FD] SEC Consult SA-20170914-1 :: Persistent Cross-Site Scripting in SilverStripe CMS

2017-09-14 Thread SEC Consult Vulnerability Lab
SEC Consult Vulnerability Lab Security Advisory < 20170914-1 > === title: Persistent Cross-Site Scripting product: SilverStripe CMS vulnerable version: <=3.5.3 fixed versi

[FD] SEC Consult SA-20170914-0 :: Authenticated Command Injection in Ubiquiti Networks UniFi Cloud Key

2017-09-14 Thread SEC Consult Vulnerability Lab
SEC Consult Vulnerability Lab Security Advisory < 20170914-0 > === title: Authenticated Command Injection product: Ubiquiti Networks UniFi Cloud Key vulnerable version: Firmware version &