Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify webs…
[publify_core] Incorrect Authorization in publify
Improper Access Control in GitHub repository publify/publify prior to 9.2.8. Anonymous users can’t view but can leave comments on an article in draft mode.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-0574
https://github.com/publify/publify/co…
[publify_core] Code injection in publify
Code Injection in GitHub repository publify/publify prior to 9.2.8.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-0578
https://github.com/publify/publify/commit/b50df050c593cc532b2c516792989bcfce2d73f7
https://huntr.dev/bounties/02c81928-eb47-4…
[IpMatcher] Improper Input Validation in IpMatcher
An Input Validation Vulnerability exists in Joel Christner .NET C# packages WatsonWebserver, IpMatcher 1.0.4.1 and below (IpMatcher) and 4.1.3 and below (WatsonWebserver) due to insufficient validation of input IP addresses and netmasks against the int…
Seniors search what they see, using a new Lens
Technology shines when it helps us get things done in our daily lives, and that’s exactly why a group of around 100 very eager seniors gathered in Odense, Denmark. All older than 65, many up to 85, they decided to stay on top of the latest technologica…
Migrate your classic Google Sites before December 1, 2022
Quick summary We’re extending the previously announced timeline to give Google Workspace customers more time to migrate from classic Google Sites to new Google Sites. The new timeline is: Starting December 1, 2022 (previously June 1, 2022): Y…
PC版『ELDEN RING』にNPCやボスを召喚できるMODが登場―狭間の地に旅の道連れ
フロム・ソフトウェアの新作アクションRPG『ELDEN RING』……そのPC版ではこれまで「VR化…
ハッカー集団「Anonymous」、ロシアの油田や自治体から600GB超データ流出
Security Affairsは5月15日(現地時間)、「May 08 – May 14 Ukra…
日産の新型軽自動車EV、IMkコンセプト市販型はプレミアム感のある内装が特徴
日産は新型軽自動車EVを2022年5月20日に発表する見込み。2019年の東京モーターショーで出品されたIMkコンセプトの市販型に相当するモデルとなる。 日産「SAKURA」、新型軽自動車EVが2022年5月20日デビュ […]…
【実践】Python+sumyで文書要約(テキストマイニング)しよう!
例えば、気に入った商品の評価を知るためにAmazonの口コミを探したら、大量のコメントが書かれていたりとか、調べものをググって辿り着いたWebサイトに大量の文書が書かれていた場合、それらに全て目を通すのって大変ですよね。 […]