SANS Offensive CTF - Taskist:: 01–04
March 6, 2024, 6:26 a.m. | Prasanth Bodepu
InfoSec Write-ups - Medium infosecwriteups.com
This write-up outlines several vulnerabilities discovered within the application, including IDOR (Insecure Direct Object Reference), privilege escalation, SSRF (Server-Side Request Forgery), and unauthorized file access issues.
Taskist::01 - IDOR Vulnerability in “/api/tasks/<ID>”
Description: The application has an Insecure Direct Object Reference vulnerability in the /api/tasks/64 endpoint, allowing unauthorized access to the admin’s task information.
Impact: Admin notes containing confidential information, including the flag, are exposed to unauthorized users.
Recommendation: Implement proper access controls and authorization mechanisms to restrict …
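The missing object-level check behind an IDOR like the one in /api/tasks/<ID>, next to a handler that enforces ownership, as an added example (not code from the write-up or from the Taskist application). The data model, the handler names and the `audit_access` regression helper are assumptions made for illustration; only the task ID 64 comes from the write-up.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class User:
    id: int
    name: str

@dataclass(frozen=True)
class Task:
    id: int
    owner_id: int
    note: str

# Constructed sample data; ID 64 mirrors the endpoint named in the write-up.
TASKS = {
    64: Task(64, owner_id=1, note="admin-only note (placeholder)"),
    65: Task(65, owner_id=2, note="buy milk"),
}
ADMIN = User(1, "admin")
ALICE = User(2, "alice")

def get_task_vulnerable(requester, task_id):
    """IDOR: authenticates the caller but never checks who owns the task."""
    if requester is None:
        return (401, None)
    task = TASKS.get(task_id)
    return (200, task.note) if task else (404, None)

def get_task_authorized(requester, task_id):
    """Object-level authorization: only the task's owner may read it."""
    if requester is None:
        return (401, None)
    task = TASKS.get(task_id)
    # Same 404 for "missing" and "not yours", so valid IDs are not revealed.
    if task is None or task.owner_id != requester.id:
        return (404, None)
    return (200, task.note)

def audit_access(handler, requester, task_ids):
    """Regression check: IDs the requester can read without owning them."""
    leaked = []
    for task_id in task_ids:
        status, _ = handler(requester, task_id)
        if status == 200 and TASKS[task_id].owner_id != requester.id:
            leaked.append(task_id)
    return leaked
```

Running `audit_access` over every task ID for each non-owner account in a test suite turns the authorization rule into a check that fails when a new endpoint forgets it.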