CVE-2023-30197
Incorrect Access Control in the module “My inventory” (myinventory)
CVE-2023-3020
Cross-site Scripting (XSS) – Reflected in GitHub repository mkucej/i-librarian-free prior to 5.10.4.
US Financial Watchdog: Money Stored in Venmo/PayPal/CashApp Isn’t Federally Insured
The Associated Press reports: Customers of Venmo, PayPal and CashApp should not store their money with those apps for the long term because the funds might not be safe during…
CVE-2023-3021
Cross-site Scripting (XSS) – Stored in GitHub repository mkucej/i-librarian-free prior to 5.10.4.
Why Bill Gates Recommends This Novel About Videogames
Bill Gates wrote a blog post this week recommending a novel about videogame development. Gates calls Tomorrow, and Tomorrow, and Tomorrow. “one of the biggest books of last year,” telling…
CVE-2023-3026
Cross-site Scripting (XSS) – Stored in GitHub repository jgraph/drawio prior to 21.2.8.
CVE-2023-3028
Insufficient authentication in the MQTT backend (broker) allows an attacker to access and even manipulate the telemetry data of the entire fleet of vehicles using the HopeChart HQT-401 telematics unit.…
Can Open Source Speed the Adoption of Clean-Energy Microgrids?
This week the Linux Foundation announced the publication of The Open Source Opportunity for Microgrids: Five Ways to Drive Innovation and Overcome Market Barriers for Energy Resilience. “The research informs…
CVE-2023-3028
Insufficient authentication in the MQTT backend (broker) allows an attacker to access and even manipulate the telemetry data of the entire fleet of vehicles using the HopeChart HQT-401 telematics unit.…