Enterprise VulnerabilitiesFrom DHS/US-CERT’s National Vulnerability Database CVE-2021-26030PUBLISHED: 2021-04-14 An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error page CVE-2021-26031PUBLISHED: 2021-04-14 An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate filters on module layout settings […]

VMware on Wednesday announced expanded cloud workload protections for containers and Kubernetes environments. The new security capabilities, built into the Carbon Black Cloud, follow last year’s acquisition of the security platform Octarine. The new features are part of VMware’s broader efforts to “intrinsically secure” workloads.  The new capabilities build security […]

Enterprise VulnerabilitiesFrom DHS/US-CERT’s National Vulnerability Database CVE-2021-28163PUBLISHED: 2021-04-01 In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and […]