Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
&color=brightgreen)
Hoppscotch is an API development ecosystem. Due to lack of validation for fields like Label (Edit Team) - TeamName, bad actors can send emails with Spoofed Content as Hoppscotch. Part of payload (external link) is presented in clickable form - easier to achieve own goals by malicious actors. This issue is fixed in 2023.12.6.
- https://github.com/hoppscotch/hoppscotch/security/advisories/GHSA-8r6h-8r68-q3pp
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/mbiesiad/security-hall-of-fame-mb