The Hacker News

CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security vulnerability impacting PaperCutNG/MF print management software to its Known Exploited ...
Bleeping Computer

CISA flags PaperCut RCE bug as exploited in attacks, patch now

CISA warns that threat actors are exploiting a high-severity vulnerability in PaperCut NG/MF print management software, which can allow them to gain remote code execution in cross-site request forgery ...
GitHub

Cross-Site Request Forgery in CodeChecker API

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...
Dark Reading

MITRE: Cross-Site Scripting Is 2024's Most Dangerous Software Weakness

Although a new methodology shook up the rankings of this year's most dangerous software bugs, the classic persistent threats still proved to be the biggest risk to organizations, reinforcing the need ...
GitHub

Cross-Site Request Forgery in Anchor CMS

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack Vector: This metric reflects the context by which vulnerability ...
Bleeping Computer

Critical Cisco bug exposes Expressway gateways to CSRF attacks

Cisco has patched several vulnerabilities affecting its Expressway Series collaboration gateways, two of them rated as critical severity and exposing vulnerable devices to cross-site request forgery ...
IEEE

Cross-Site Request Forgery as an Example of Machine Learning for Web Vulnerability Detection

Abstract: This paper presents a strategy for discovering flaws in web applications through Machine Learning (ML). Web-based applications are especially troublesome to examine attributed to their ...