session

OpenProject Session Management Security Vulnerability aka CVE-2017-11667

Today we will talk about a session management vulnerability affects OpenProject with all its version before 6.1.6 (old Stable) and 7.0.3 (latest stable) and may lead to accounts compromise and perform unauthorized actions via physical access to the logged in user session. but first lets know some general info. First what is OpenProject? OpenProject is […]

QRLJacking – Your QR-based session belongs to us!

Introduction Before we start we need to explain some frequently mentioned terms which are: QR Code, SSO and Clickjacking. What is QR Code? QR code (abbreviated from Quick Response Code) is the trademark for a type of matrix barcode (or two-dimensional barcode) first designed for the automotive industry in Japan. A barcode is a machine-readable […]

Previous page Next page

Scroll Up