by Chris Davis, on Dec 30, 2019 10:26:22 AM

ADVISORY SUMMARY: The following document describes identified vulnerabilities in the Big Monitoring Fabric application. Two high-risk vulnerabilities were found within the application. Impact: Successful exploitation of the cross-site scripting (XSS) …

Vulnerabilities: Sensitive Information Disclosure, Cross-site Scripting

by Florian Nivette, on Dec 30, 2019 10:25:01 AM

ADVISORY SUMMARY: This advisory describes an identified vulnerability in the Dradis Pro application Version 3.4.1. One medium-risk vulnerability was identified within the application. Impact: The API of Dradis Pro does …

Vulnerabilities: IDOR

by Chris Davis, on Dec 9, 2019 7:00:00 AM

ADVISORY SUMMARY: Nine vulnerabilities were identified within the Solismed application. The following document describes identified vulnerabilities in the Solismed application version 3.3SP1. Product Vendor Product Name Affected Version* Intesync, LLC …

Vulnerabilities: Cross-site Scripting, Cross-site Request Forgery, Incorrect Access Controls, Insecure File Upload, SQL Injection, Insecure Cryptographic Storage, Clickjacking, Directory Traversal

Vulnerability Disclosure Policy

Bishop Fox takes security issues very seriously. We believe in coordinated disclosure, and we work closely with vendors and clients to patch vulnerabilities promptly.
