Azure App Service had an insecure default behavior that exposed the source code of customer applications written in PHP, Python, Ruby, or Node, that were deployed using “Local Git”.
Thu, Oct 7th, 2021
AWS WAF using the Core Rules set allowed SQL injection. In AWS WAF only the first 8 KB (8,192 bytes) of the request body are forwarded to AWS WAF for inspection, but AWS Managed rules allowed reque...
Sun, Oct 3rd, 2021
Upon blocking a request, GCP Org policy constraints were logging the deny logs in Principal''s project and the blocking project. An attacker could use those logs to exfiltrate any data, by making r...
Wed, Sep 22nd, 2021