Vulnerability Disclosure usd HeroLab penetration testers have identified several security vulnerabilities during security analyses. These vulnerabilities affect the Bitbucket, PhpSpreadsheet and XClarity. The following vulnerability classes were identified: Broken Access Control XML External Entity (XXE) Processing In accordance with usd …
usd HeroLab „Summerschool 2019“ completed
In addition to university courses, the usd HeroLab training program „Become a HeroLab Professional“, or “Become a HeroLabber” for short, is another investment in qualified young talent by usd AG. Experienced usd HeroLab security analysts systematically prepare the students of …
Cyber Security Transformation Chef
usd Herolab proudly presents the Cyber Security Transformation Chef (shorthand CSTC), which is a Burp Extension for various input transformations. It implements a generic way to replace the need for numerous specialized extensions. Why another extension? There is always the …
Getting ready for DEF CON 27
We are excited to present one of our in-house developments at DEF CON 27 – the CST Chef. Our Heroes and developers Sebastian Puttkammer and Ralf Almon, Managing Consultants at usd HeroLab, have taken a brief moment to say some …
Security Advisory 07/2019
by Stefan Schmer, Managing Consultant Security Analysis & Pentests, usd AG. Vulnerability Disclosure usd AG penetration testers have identified several security vulnerabilities during security analyses. These vulnerabilities affect the products Adobe Experience Manager (AEM), Bitbucket, feeling4design Super Forms and Oracle …