Page Contents

The following pages are tagged with

TitleExcerpt
Security advisory 03-10-2017 Security risk: Medium-high  Vulnerability: loopback-component-storage to directory traversal attack Description A security leak exposing loopback-component-storage to directory traversal attack. The component was exposed to a vulnerability where an attacker could use a command to retrieve the content of the server.js file of a LoopBack application and...
Security advisory 01-31-2018 Security risk: Medium (CVSS: 4.3) Vulnerability: Prevent unauthorized alteration of records on same table Description In a Many-to-Many relationship, it was possible for an authenticated user to edit the foreign keys of records to transfer ownership. Example: A Physician has many appointments with many patients. Physician 1 can create...