Original text at:
https://hackdefense.com/publications/cve-2019-18346-davical-caldav-server-vulnerability/
At HackDefense, we were evaluating various calendaring solutions, and
during installation and configuration of DAViCal we discovered three
(severe) vulnerabilities. We reported these
Original text at:
https://hackdefense.com/publications/cve-2019-18347-davical-caldav-server-vulnerability/
At HackDefense, we were evaluating various calendaring solutions, and
during installation and configuration of DAViCal we discovered three
(severe) vulnerabilities. We reported these
Original text at:
https://hackdefense.com/publications/cve-2019-18345-davical-caldav-server-vulnerability/
At HackDefense, we were evaluating various calendaring solutions, and
during installation and configuration of DAViCal we discovered three
(severe) vulnerabilities. We reported these
CVE-2022-31064 - Stored Cross-Site Scripting in BigBlueButton.
=
Exploit Title: Stored Cross-Site Scripting (XSS) in BigBlueButton
Product: BigBlueButton
Vendor: BigBlueButton
Vulnerable Versions: 2.3, <2.4.8, <2.5.0
Tested Version: 2.4.7
Advisory Publication: Jun
=
Exploit Title: Hostname injection leads to Remote Code Execution RCE
(Authenticated)
Product: Gaia Portal
Vendor: Checkpoint
Vulnerable Versions: R81.20 < Take 14, R81.10 < Take 95, R81 < Take 82 and
R80.40 < Take 198
Tested Version: R81.10 (take 335)
Advisory