News & Events

News tagged "Application Security"


YunoHost 2.7.2 to 2.7.14 – Multiple Vulnerabilities

YunoHost is an application that is used to manage applications hosted on a Linux server. Additionally, it allows the user to manage the entire Linux system, including installed services, firewall rules, and system updates. The application’s official website is Version 2.7.2 was released on August 22, 2017, and version 2.7.14 was released on June 28, 2018. This security advisory discusses several vulnerabilities Bishop Fox researchers found in it.

Application Security, HTTP Header Injection, Stored Cross-Site Scripting


Jirafeau Version 3.3.0 – Multiple Vulnerabilities

Jirafeau is an open source file sharing web application, distributed under an AGPL version 3 license. It is a fork of the project Jyraphe and allows users to share files for a defined period and protect downloads via a password. The project’s official website is The latest version of the application is 3.3.0, released on September 8, 2017. Ten vulnerabilities were identified within the Jirafeau web application – five cross-site scripting vulnerabilities (two stored and three reflected) as well as five cross-site request forgery vulnerabilities.

Application Security, Cross-Site Request Forgery, Cross-Site Scripting

PR Web – ioTium Partners with Bishop Fox for IIoT Infrastructure Security

Santa Clara, CA, May 30, 2018 (PR Web) – ioTium, the first commercially deployed secure Edge-Cloud infrastructure company for the Industrial Internet of Things (IIoT), announced that it partnered with leading independent cybersecurity research firm Bishop Fox to test the security of its Edge-Cloud infrastructure offerings. This Edge-Cloud infrastructure ensures that any machine, using …