Public Security Advisories
Coordinated vulnerability disclosures from Argus. Findings, impact, and remediation, published in good faith.
The report.test trapper endpoint accepts an arbitrary userid in the request body from an authenticated low-privilege user. The server creates a real session for that userid, renders that user's dashboard as a PDF, and emails it to the attacker, without ever checking that the requested viewer identity matches the authenticated caller. Any authenticated user can therefore obtain a rendered copy of any other user's dashboard, including those of more privileged accounts.
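As an added illustration, not the affected product's code and not part of the advisory itself, the constructed Python model below places the reported handler behaviour beside a version that derives the authorization decision from the authenticated session. The user table, the handler and helper names, the e-mail addresses, and the policy that an admin may render reports on behalf of other users are all assumptions made for the example.

```python
"""Constructed model of the report.test flaw described above.

report_test_vulnerable() reproduces the reported behaviour: the viewer identity
comes from the request body and the authenticated session is never consulted.
report_test_hardened() makes the decision against the session instead.
Every name, user record, address and policy here is an illustrative assumption,
not the affected product's own code or data.
"""
from dataclasses import dataclass


class AccessDenied(Exception):
    """Raised when the caller may not render a report as the requested user."""


@dataclass(frozen=True)
class User:
    userid: int
    name: str
    role: str  # constructed: "user" (low privilege) or "admin"


# Constructed user table: alice is the low-privilege caller, bob the target.
USERS = {
    1: User(1, "alice", "user"),
    2: User(2, "bob", "admin"),
}


@dataclass(frozen=True)
class Session:
    """Identity the server has already authenticated for this request."""
    userid: int


@dataclass(frozen=True)
class Mail:
    to: str
    subject: str
    body: str


def render_dashboard_pdf(user: User) -> bytes:
    """Stand-in for the PDF renderer; the payload only records whose dashboard
    was rendered so that a leak is visible in the returned mail."""
    return f"PDF dashboard for {user.name} (userid={user.userid})".encode()


def report_test_vulnerable(session: Session, body: dict) -> Mail:
    """Reported behaviour: `session` is accepted but never used, so the body
    alone decides whose dashboard is rendered and where it is sent."""
    target = USERS[int(body["userid"])]      # attacker-chosen viewer identity
    pdf = render_dashboard_pdf(target)       # rendered with a session as that user
    return Mail(to=body["to"], subject="Test report", body=pdf.decode())


def may_render_as(caller: User, requested_userid: int) -> bool:
    """Assumed authorization policy for the hardened handler: a user may only
    render their own dashboard; an admin may render anyone's. The decision is
    a function of the authenticated caller, never of body-supplied data alone."""
    return requested_userid == caller.userid or caller.role == "admin"


def report_test_hardened(session: Session, body: dict) -> Mail:
    """Fixed handler: the requested viewer is checked against the session
    before any lookup, so a low-privilege caller cannot probe for userids."""
    caller = USERS[session.userid]
    requested = int(body.get("userid", caller.userid))  # default to self
    if not may_render_as(caller, requested):
        raise AccessDenied(
            f"userid {caller.userid} may not render reports as userid {requested}")
    pdf = render_dashboard_pdf(USERS[requested])
    return Mail(to=body["to"], subject="Test report", body=pdf.decode())


def demo() -> dict:
    """Low-privilege alice, authenticated as userid 1, asks for userid 2."""
    session = Session(userid=1)
    attack = {"userid": 2, "to": "attacker@example.test"}  # constructed request
    leaked = report_test_vulnerable(session, attack)
    try:
        report_test_hardened(session, attack)
        blocked = False
    except AccessDenied:
        blocked = True
    own = report_test_hardened(session, {"to": "alice@example.test"})
    return {"leaked_to": leaked.to, "leaked_body": leaked.body,
            "blocked": blocked, "own_body": own.body}


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running the module shows bob's dashboard mailed to the attacker-supplied address by the vulnerable handler, the same request refused by the hardened one, and alice still able to test her own report. The authorization check runs before the user lookup on purpose: a denied caller learns nothing about which userids exist.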
// No embargoed advisories.