[FD] Data Manipulation with X-Forwarded-For header at WordPress

2021-03-11 Thread Alphan YAVAS
21/12/2020 Vendor contacted 09/03/2021 CVE Assigned V. CREDIT - Alphan Yavas VI. DESCRIPTION - "X-Forwarded-For" is an HTTP header used to carry the client's original IP address. However, because these headers may very well be added by

[FD] Microsoft Exchange Server, External Service Interaction (DNS)

2020-01-03 Thread Alphan YAVAS
Vendor contacted 17/12/2019 Microsoft replied that “We determined that this behavior is considered to be by design.” VI. CREDIT - Alphan Yavas from Biznet Bilisim A.S. VII. Components - Affected Component: Path(inurl): /Autodiscover Parameter

[FD] External Service Interaction (DNS) on Skype for Business

2019-12-06 Thread Alphan YAVAS
/2019 Vulnerability discovered 03/12/2019 Vendor contacted 04/12/2019 Microsoft replied that “We determined that this behavior is considered to be by design.” V. CREDIT - Alphan Yavas from Biznet Bilisim A.S. VI. DESCRIPTION - Microsoft Skype for Business

[FD] Vulnerability Disclosure and CVE assign

2019-11-15 Thread Alphan YAVAS
Vulnerability discovered 06/07/2019 Vendor contacted 06/09/2018 MicroStrategy fixed the vulnerability in release V11.1.3 V. CREDIT - Alphan Yavas from Biznet Bilisim A.S. VI. DESCRIPTION - Reflected XSS due to lack of input filtering in MicroStrategy