#vulnerabilities

Articles tagged with #vulnerabilities

XXE Article
XXE Definition XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML data. It often allows an attacker to view files on the application server fi...
Mar 10, 20263 min read2
Path traversal
Path traversal What is path traversal? Path traversal is also known as directory traversal. These vulnerabilities enable an attacker to read arbitrary files on the server that is running an applicatio
Mar 10, 20267 min read
OS command injection
OS command injection What is command injection? Command injection is a vulnerability that allows an attacker to execute operating system (OS) commands on the server that is running an application. A s
Mar 10, 20262 min read1
OAuth 2.0 vulnerabilities
OAuth 2.0 vulnerabilities Terminology (OAuth vs OIDC) OAuth 2.0 is an authorization framework. It delegates access to an app without sharing a password. Many products use OAuth to “log in”. That’s usu
Mar 10, 20266 min read4
HTTP Host header attacks
HTTP Host header attacks What is the HTTP Host header? The HTTP Host header is a mandatory request header as of HTTP/1.1. It specifies the domain name that the client wants to access. For example, whe
Mar 10, 202612 min read
Authentication Vulnerabilities
Authentication Vulnerabilities Conceptually, authentication vulnerabilities are easy to understand. However, they are usually critical because of the clear relationship between authentication and secu
Mar 10, 20269 min read