issues Search Results · language:Dune language:Python language:HTML language:TypeScript language:JavaScript
63.2M results
Target artifact
GET /api/quizzes
Attack class
idor-authz
Discovery method
black-box (interface only)
Property violated
P5: Authorization output safety
Steps to reproduce
1. Start the app per ...
Target artifact
GET /api/search?q=
Attack class
sql-injection
Discovery method
white-box → reproduced over HTTP
Property violated
P1: Confidentiality
Steps to reproduce
1. Start the app per START_APP.md ...
Authoritative project landing pages (README.md and docs/index.md) contain broken, hardcoded local Windows absolute file
hyperlinks (file:///c:/Users/naman/...). This completely breaks internal repository ...
bug
documentation
good first issue
Target artifact
GET /api/quizzes/2 (also /quiz/2, /quiz/2/submit)
Attack class
idor-authz
Discovery method
black-box (interface only)
Property violated
P1: Confidentiality
Steps to reproduce
1. ...
The institutional CSV Verification engine relies strictly on absolute matching of ISIN (International Securities
Identification Number) attributes against Depository Participant (DP) NSDL or CDSL depository ...
bug
integrations
reconciliation
Vulnerable Library - keras-3.12.2-py3-none-any.whl
Multi-backend ...
Mend: dependency security vulnerability
The automated market data quote module executes unbounded string queries against external APIs without prioritizing
exchange listings. This routinely pollutes investment ledgers with illiquid secondary ...
bug
integrations
market-data
Target artifact
GET /drawing/<id>
Attack class
idor-authz
Discovery method
black-box (interface only)
Property violated
P1: Confidentiality
Steps to reproduce
1. Start the app per START_APP.md ...
Target artifact
Flask session cookie → GET /drawing/1
Attack class
idor-authz (weak-crypto / session forgery)
Discovery method
white-box → reproduced over HTTP
Property violated
P1: Confidentiality ...
Target artifact
POST /task/<id>/toggle
Attack class
open-redirect
Discovery method
white-box → reproduced over HTTP
Property violated
P5: Authorization output safety
Steps to reproduce
1. Start ...
