[FD] SEC Consult SA-20200902-0 :: Multiple Vulnerabilities in Red Lion N-Tron 702-W, Red Lion N-Tron 702M12-W

2020-09-02 Thread SEC Consult Vulnerability Lab
SEC Consult Vulnerability Lab Security Advisory < 20200902-0 > === title: Multiple Vulnerabilities product: Red Lion N-Tron 702-W, Red Lion N-Tron 702M12-W vulnerable version: <=2.0.26

[FD] [RT-SA-2020-004] Inconsistent Behavior of Go's CGI and FastCGI Transport May Lead to Cross-Site Scripting

2020-09-02 Thread RedTeam Pentesting GmbH
Advisory: Inconsistent Behavior of Go's CGI and FastCGI Transport May Lead to Cross-Site Scripting The CGI and FastCGI implementations in the Go standard library behave differently from the HTTP server implementation when serving content. In contrast to the documented behavior, they may return