Intigriti XSS Challenge – December 2021
The approach to this challenge was completely different from the past two months, as the vulnerable component was on the backend, forcing us to approach...
Intigriti November XSS Challenge
The bug bounty program Intigriti hosts an XSS challenge every month. This time, the challenge was about bypassing CSP by reloading a VueJS instance, getting...
CVE-2021-43136 – FormaLMS – The evil default value that leads to Authentication Bypass
Preface As part of our recent research activity, we stumbled upon FormaLMS. The project is an open source Learning Management System built by forma.association and...
SA-CONTRIB-2021-036 NotSoSAML – Privilege Escalation via XML Signature Wrapping on MiniorangeSAML Drupal Plugin
This is a brief story about how we found a vulnerability on a drupal plugin that, when not configured correctly, could allow an authenticated user...
CVE-2020-35749 – Authenticated Directory Traversal Simple Job Board WordPress plugin version < 2.9.3
During our research activities we discovered an authenticated local inclusion in the Simple Job Board Wordpress plugin. The Simple Job Board Wordpress plugin has reached...