PyScript Vulnerabilities/Expected Behavior

Update (12/May/2022): I reported the observations below to the PyScript team and they have confirmed that these are expected behavior. Since the Emscripten filesystem lives in the user's browser memory itself, there is no harm in being able to list files, access files or write to arbitrary locations. Refer to this issue.

Introduction: Vulnerabilities I found in PyScript.

Vulnerability 1: File System Browsing. Using the glob module, which is part of the Python Standard Library, the Emscripten filesystem can be browsed....

May 11, 2022 · 3 min · Rizal

Wipro Holmes Orchestrator v20.4.1 CVEs

Introduction: Recently, I had the opportunity to pentest the Wipro Holmes Orchestrator v20.4.1 application. During the assessment, I found a few interesting vulnerabilities, which are covered in this post.

CVE-2021-38146: Arbitrary File Download. The Wipro Holmes Orchestrator provides an API endpoint to download various files through the application, such as log files. This functionality is visible only to logged-in users. However, the API itself does not require any authentication to be called....

November 23, 2021 · 5 min · Rizal