Web App Vulnerabilities

1. Introduction Report Only Content Security Policy Detected indicates a Content Security Policy (CSP) is in place on your website,...

1. Introduction The Request Tracker 3.8.x prior to 3.8.17 and 4.x prior to 4.0.13 application is affected by multiple vulnerabilities....

1. Introduction The Request Tracker 3.x and 4.x application, prior to versions 3.8.15 and 4.0.8 respectively, is affected by multiple...

1. Introduction The Request Tracker 3.x application, specifically versions prior to 3.8.9, is affected by security bypass and information disclosure...

1. Introduction The Request Tracker 4.0.x prior to 4.0.23 and 4.2.x prior to 4.2.10 application has multiple vulnerabilities that could...

1. Introduction Request Tracker 4.2.x prior to 4.2.5 contains a denial of service vulnerability in the Email::Address:List module. This means...

1. Introduction 2. Technical Explanation The vulnerability arises because RT authenticates users without invalidating their existing session ID. An attacker...

1. Introduction The Resin resin-admin/digest.php XSS vulnerability is a cross-site scripting flaw in the Resin application server’s admin interface. This...

1. Introduction Response Splitting is a web vulnerability where attackers can manipulate HTTP response headers. This allows them to inject...

1. Introduction Revive Adserver Detection identifies instances of the open source Revive Adserver software running on a web server. This...