by Ric | Apr 29, 2021 | Blog, News
This beauty was finally published today CVE-2020-22789 (after almost a year of our report). Is an unauthenticated stored XSS (the worst kind) in a Data integration software used by huge companies like airports and electricity providers. This was found with my...
by Ric | Apr 9, 2020 | Blog
While doing our work in Secura, David Van Gool and I recently found and reported two vulnerabilities in FME Server versions 2019.2 and 2020.0 Beta. The vulnerabilities were: Unauthenticated Stored XSS Authenticated Stored XSS The Unauthenticated Stored XSS injection...