/*
 * This file is part of the Symfony package.
 *
 * (c) Fabien Potencier <fabien@symfony.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Symfony\Component\String;

if (!\function_exists(u::class)) {
    function u(?string $string = ''): UnicodeString
    {
        return new UnicodeString($string ?? '');
    }
}

if (!\function_exists(b::class)) {
    function b(?string $string = ''): ByteString
    {
        return new ByteString($string ?? '');
    }
}

if (!\function_exists(s::class)) {
    /**
     * @return UnicodeString|ByteString
     */
    function s(?string $string = ''): AbstractString
    {
        $string = $string ?? '';

        return preg_match('//u', $string) ? new UnicodeString($string) : new ByteString($string);
    }
}
<!DOCTYPE html>
<html lang="en-US">

<head>
	<meta charset='UTF-8'>
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<link rel="profile" href="http://gmpg.org/xfn/11">
		<title>Flaws &#8211; OWASP Jakarta</title>
<meta name='robots' content='max-image-preview:large' />
	<style>img:is([sizes="auto" i], [sizes^="auto," i]) { contain-intrinsic-size: 3000px 1500px }</style>
	<link rel='dns-prefetch' href='//fonts.googleapis.com' />
<link rel="alternate" type="application/rss+xml" title="OWASP Jakarta &raquo; Feed" href="https://owasp.or.id/feed/" />
<link rel="alternate" type="application/rss+xml" title="OWASP Jakarta &raquo; Comments Feed" href="https://owasp.or.id/comments/feed/" />
<link rel="alternate" type="application/rss+xml" title="OWASP Jakarta &raquo; Flaws Tag Feed" href="https://owasp.or.id/tag/flaws/feed/" />
<script type="text/javascript">
/* <![CDATA[ */
window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/16.0.1\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/16.0.1\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/owasp.or.id\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.8.2"}};
/*! This file is auto-generated */
!function(s,n){var o,i,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),a=(e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0),new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data));return t.every(function(e,t){return e===a[t]})}function u(e,t){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);for(var n=e.getImageData(16,16,1,1),a=0;a<n.data.length;a++)if(0!==n.data[a])return!1;return!0}function f(e,t,n,a){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\udde8\ud83c\uddf6","\ud83c\udde8\u200b\ud83c\uddf6")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!a(e,"\ud83e\udedf")}return!1}function g(e,t,n,a){var r="undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?new OffscreenCanvas(300,150):s.createElement("canvas"),o=r.getContext("2d",{willReadFrequently:!0}),i=(o.textBaseline="top",o.font="600 32px Arial",{});return e.forEach(function(e){i[e]=t(o,e,n,a)}),i}function t(e){var t=s.createElement("script");t.src=e,t.defer=!0,s.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",i=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){s.addEventListener("DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.supportTests)return e.supportTests}catch(e){}return null}();if(!n){if("undefined"!=typeof Worker&&"undefined"!=typeof OffscreenCanvas&&"undefined"!=typeof URL&&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+g.toString()+"("+[JSON.stringify(i),f.toString(),p.toString(),u.toString()].join(",")+"));",a=new Blob([e],{type:"text/javascript"}),r=new Worker(URL.createObjectURL(a),{name:"wpTestEmojiSupports"});return void(r.onmessage=function(e){c(n=e.data),r.terminate(),t(n)})}catch(e){}c(n=g(i,f,p,u))}t(n)}).then(function(e){for(var t in e)n.supports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings);
/* ]]> */
</script>
<style id='wp-emoji-styles-inline-css' type='text/css'>

	img.wp-smiley, img.emoji {
		display: inline !important;
		border: none !important;
		box-shadow: none !important;
		height: 1em !important;
		width: 1em !important;
		margin: 0 0.07em !important;
		vertical-align: -0.1em !important;
		background: none !important;
		padding: 0 !important;
	}
</style>
<link rel='stylesheet' id='wp-block-library-css' href='https://owasp.or.id/wp-includes/css/dist/block-library/style.min.css?ver=6.8.2' type='text/css' media='all' />
<style id='classic-theme-styles-inline-css' type='text/css'>
/*! This file is auto-generated */
.wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}
</style>
<style id='global-styles-inline-css' type='text/css'>
:root{--wp--preset--aspect-ratio--square: 1;--wp--preset--aspect-ratio--4-3: 4/3;--wp--preset--aspect-ratio--3-4: 3/4;--wp--preset--aspect-ratio--3-2: 3/2;--wp--preset--aspect-ratio--2-3: 2/3;--wp--preset--aspect-ratio--16-9: 16/9;--wp--preset--aspect-ratio--9-16: 9/16;--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--color--accent: #e91e63;--wp--preset--color--background-color: #E5E5E5;--wp--preset--color--header-gradient: #a81d84;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:root :where(.is-layout-flow) > :first-child{margin-block-start: 0;}:root :where(.is-layout-flow) > :last-child{margin-block-end: 0;}:root :where(.is-layout-flow) > *{margin-block-start: 24px;margin-block-end: 0;}:root :where(.is-layout-constrained) > :first-child{margin-block-start: 0;}:root :where(.is-layout-constrained) > :last-child{margin-block-end: 0;}:root :where(.is-layout-constrained) > *{margin-block-start: 24px;margin-block-end: 0;}:root :where(.is-layout-flex){gap: 24px;}:root :where(.is-layout-grid){gap: 24px;}body .is-layout-flex{display: flex;}.is-layout-flex{flex-wrap: wrap;align-items: center;}.is-layout-flex > :is(*, div){margin: 0;}body .is-layout-grid{display: grid;}.is-layout-grid > :is(*, div){margin: 0;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-accent-color{color: var(--wp--preset--color--accent) !important;}.has-background-color-color{color: var(--wp--preset--color--background-color) !important;}.has-header-gradient-color{color: var(--wp--preset--color--header-gradient) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-accent-background-color{background-color: var(--wp--preset--color--accent) !important;}.has-background-color-background-color{background-color: var(--wp--preset--color--background-color) !important;}.has-header-gradient-background-color{background-color: var(--wp--preset--color--header-gradient) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-accent-border-color{border-color: var(--wp--preset--color--accent) !important;}.has-background-color-border-color{border-color: var(--wp--preset--color--background-color) !important;}.has-header-gradient-border-color{border-color: var(--wp--preset--color--header-gradient) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;}
:root :where(.wp-block-pullquote){font-size: 1.5em;line-height: 1.6;}
</style>
<link rel='stylesheet' id='bootstrap-css' href='https://owasp.or.id/wp-content/themes/hestia/assets/bootstrap/css/bootstrap.min.css?ver=1.0.2' type='text/css' media='all' />
<link rel='stylesheet' id='hestia-font-sizes-css' href='https://owasp.or.id/wp-content/themes/hestia/assets/css/font-sizes.min.css?ver=3.3.0' type='text/css' media='all' />
<link rel='stylesheet' id='hestia_style-css' href='https://owasp.or.id/wp-content/themes/hestia/style.min.css?ver=3.3.0' type='text/css' media='all' />
<style id='hestia_style-inline-css' type='text/css'>
.navbar .navbar-nav li a[href*="facebook.com"]{font-size:0}.navbar .navbar-nav li a[href*="facebook.com"]:before{content:"\f39e"}.navbar .navbar-nav li a[href*="facebook.com"]:hover:before{color:#3b5998}.navbar .navbar-nav li a[href*="twitter.com"]{font-size:0}.navbar .navbar-nav li a[href*="twitter.com"]:before{content:"\f099"}.navbar .navbar-nav li a[href*="twitter.com"]:hover:before{color:#000}.navbar .navbar-nav li a[href*="pinterest.com"]{font-size:0}.navbar .navbar-nav li a[href*="pinterest.com"]:before{content:"\f231"}.navbar .navbar-nav li a[href*="pinterest.com"]:hover:before{color:#cc2127}.navbar .navbar-nav li a[href*="google.com"]{font-size:0}.navbar .navbar-nav li a[href*="google.com"]:before{content:"\f1a0"}.navbar .navbar-nav li a[href*="google.com"]:hover:before{color:#dd4b39}.navbar .navbar-nav li a[href*="linkedin.com"]{font-size:0}.navbar .navbar-nav li a[href*="linkedin.com"]:before{content:"\f0e1"}.navbar .navbar-nav li a[href*="linkedin.com"]:hover:before{color:#0976b4}.navbar .navbar-nav li a[href*="dribbble.com"]{font-size:0}.navbar .navbar-nav li a[href*="dribbble.com"]:before{content:"\f17d"}.navbar .navbar-nav li a[href*="dribbble.com"]:hover:before{color:#ea4c89}.navbar .navbar-nav li a[href*="github.com"]{font-size:0}.navbar .navbar-nav li a[href*="github.com"]:before{content:"\f09b"}.navbar .navbar-nav li a[href*="github.com"]:hover:before{color:#000}.navbar .navbar-nav li a[href*="youtube.com"]{font-size:0}.navbar .navbar-nav li a[href*="youtube.com"]:before{content:"\f167"}.navbar .navbar-nav li a[href*="youtube.com"]:hover:before{color:#e52d27}.navbar .navbar-nav li a[href*="instagram.com"]{font-size:0}.navbar .navbar-nav li a[href*="instagram.com"]:before{content:"\f16d"}.navbar .navbar-nav li a[href*="instagram.com"]:hover:before{color:#125688}.navbar .navbar-nav li a[href*="reddit.com"]{font-size:0}.navbar .navbar-nav li a[href*="reddit.com"]:before{content:"\f281"}.navbar .navbar-nav li a[href*="reddit.com"]:hover:before{color:#ff4500}.navbar .navbar-nav li a[href*="tumblr.com"]{font-size:0}.navbar .navbar-nav li a[href*="tumblr.com"]:before{content:"\f173"}.navbar .navbar-nav li a[href*="tumblr.com"]:hover:before{color:#35465c}.navbar .navbar-nav li a[href*="behance.com"]{font-size:0}.navbar .navbar-nav li a[href*="behance.com"]:before{content:"\f1b4"}.navbar .navbar-nav li a[href*="behance.com"]:hover:before{color:#1769ff}.navbar .navbar-nav li a[href*="snapchat.com"]{font-size:0}.navbar .navbar-nav li a[href*="snapchat.com"]:before{content:"\f2ab"}.navbar .navbar-nav li a[href*="snapchat.com"]:hover:before{color:#fffc00}.navbar .navbar-nav li a[href*="deviantart.com"]{font-size:0}.navbar .navbar-nav li a[href*="deviantart.com"]:before{content:"\f1bd"}.navbar .navbar-nav li a[href*="deviantart.com"]:hover:before{color:#05cc47}.navbar .navbar-nav li a[href*="vimeo.com"]{font-size:0}.navbar .navbar-nav li a[href*="vimeo.com"]:before{content:"\f27d"}.navbar .navbar-nav li a[href*="vimeo.com"]:hover:before{color:#1ab7ea}.navbar .navbar-nav li a[href*="x.com"]{font-size:0}.navbar .navbar-nav li a[href*="x.com"]:before{content:"\e61b"}.navbar .navbar-nav li a[href*="x.com"]:hover:before{color:#000}
.hestia-top-bar,.hestia-top-bar .widget.widget_shopping_cart .cart_list{background-color:#363537}.hestia-top-bar .widget .label-floating input[type=search]:-webkit-autofill{-webkit-box-shadow:inset 0 0 0 9999px #363537}.hestia-top-bar,.hestia-top-bar .widget .label-floating input[type=search],.hestia-top-bar .widget.widget_search form.form-group:before,.hestia-top-bar .widget.widget_product_search form.form-group:before,.hestia-top-bar .widget.widget_shopping_cart:before{color:#fff}.hestia-top-bar .widget .label-floating input[type=search]{-webkit-text-fill-color:#fff !important}.hestia-top-bar div.widget.widget_shopping_cart:before,.hestia-top-bar .widget.widget_product_search form.form-group:before,.hestia-top-bar .widget.widget_search form.form-group:before{background-color:#fff}.hestia-top-bar a,.hestia-top-bar .top-bar-nav li a{color:#fff}.hestia-top-bar ul li a[href*="mailto:"]:before,.hestia-top-bar ul li a[href*="tel:"]:before{background-color:#fff}.hestia-top-bar a:hover,.hestia-top-bar .top-bar-nav li a:hover{color:#eee}.hestia-top-bar ul li:hover a[href*="mailto:"]:before,.hestia-top-bar ul li:hover a[href*="tel:"]:before{background-color:#eee}
footer.footer.footer-black{background:#323437}footer.footer.footer-black.footer-big{color:#fff}footer.footer.footer-black a{color:#fff}footer.footer.footer-black hr{border-color:#5e5e5e}.footer-big p,.widget,.widget code,.widget pre{color:#5e5e5e}
:root{--hestia-primary-color:#e91e63}a,.navbar .dropdown-menu li:hover>a,.navbar .dropdown-menu li:focus>a,.navbar .dropdown-menu li:active>a,.navbar .navbar-nav>li .dropdown-menu li:hover>a,body:not(.home) .navbar-default .navbar-nav>.active:not(.btn)>a,body:not(.home) .navbar-default .navbar-nav>.active:not(.btn)>a:hover,body:not(.home) .navbar-default .navbar-nav>.active:not(.btn)>a:focus,a:hover,.card-blog a.moretag:hover,.card-blog a.more-link:hover,.widget a:hover,.has-text-color.has-accent-color,p.has-text-color a{color:#e91e63}.svg-text-color{fill:#e91e63}.pagination span.current,.pagination span.current:focus,.pagination span.current:hover{border-color:#e91e63}button,button:hover,.woocommerce .track_order button[type="submit"],.woocommerce .track_order button[type="submit"]:hover,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit:hover,input[type="button"],input[type="button"]:hover,input[type="submit"],input[type="submit"]:hover,input#searchsubmit,.pagination span.current,.pagination span.current:focus,.pagination span.current:hover,.btn.btn-primary,.btn.btn-primary:link,.btn.btn-primary:hover,.btn.btn-primary:focus,.btn.btn-primary:active,.btn.btn-primary.active,.btn.btn-primary.active:focus,.btn.btn-primary.active:hover,.btn.btn-primary:active:hover,.btn.btn-primary:active:focus,.btn.btn-primary:active:hover,.hestia-sidebar-open.btn.btn-rose,.hestia-sidebar-close.btn.btn-rose,.hestia-sidebar-open.btn.btn-rose:hover,.hestia-sidebar-close.btn.btn-rose:hover,.hestia-sidebar-open.btn.btn-rose:focus,.hestia-sidebar-close.btn.btn-rose:focus,.label.label-primary,.hestia-work .portfolio-item:nth-child(6n+1) .label,.nav-cart .nav-cart-content .widget .buttons .button,.has-accent-background-color[class*="has-background"]{background-color:#e91e63}@media(max-width:768px){.navbar-default .navbar-nav>li>a:hover,.navbar-default .navbar-nav>li>a:focus,.navbar .navbar-nav .dropdown .dropdown-menu li a:hover,.navbar .navbar-nav .dropdown .dropdown-menu li a:focus,.navbar button.navbar-toggle:hover,.navbar .navbar-nav li:hover>a i{color:#e91e63}}body:not(.woocommerce-page) button:not([class^="fl-"]):not(.hestia-scroll-to-top):not(.navbar-toggle):not(.close),body:not(.woocommerce-page) .button:not([class^="fl-"]):not(hestia-scroll-to-top):not(.navbar-toggle):not(.add_to_cart_button):not(.product_type_grouped):not(.product_type_external),div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,input[type="submit"],input[type="button"],.btn.btn-primary,.widget_product_search button[type="submit"],.hestia-sidebar-open.btn.btn-rose,.hestia-sidebar-close.btn.btn-rose,.everest-forms button[type=submit].everest-forms-submit-button{-webkit-box-shadow:0 2px 2px 0 rgba(233,30,99,0.14),0 3px 1px -2px rgba(233,30,99,0.2),0 1px 5px 0 rgba(233,30,99,0.12);box-shadow:0 2px 2px 0 rgba(233,30,99,0.14),0 3px 1px -2px rgba(233,30,99,0.2),0 1px 5px 0 rgba(233,30,99,0.12)}.card .header-primary,.card .content-primary,.everest-forms button[type=submit].everest-forms-submit-button{background:#e91e63}body:not(.woocommerce-page) .button:not([class^="fl-"]):not(.hestia-scroll-to-top):not(.navbar-toggle):not(.add_to_cart_button):hover,body:not(.woocommerce-page) button:not([class^="fl-"]):not(.hestia-scroll-to-top):not(.navbar-toggle):not(.close):hover,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit:hover,input[type="submit"]:hover,input[type="button"]:hover,input#searchsubmit:hover,.widget_product_search button[type="submit"]:hover,.pagination span.current,.btn.btn-primary:hover,.btn.btn-primary:focus,.btn.btn-primary:active,.btn.btn-primary.active,.btn.btn-primary:active:focus,.btn.btn-primary:active:hover,.hestia-sidebar-open.btn.btn-rose:hover,.hestia-sidebar-close.btn.btn-rose:hover,.pagination span.current:hover,.everest-forms button[type=submit].everest-forms-submit-button:hover,.everest-forms button[type=submit].everest-forms-submit-button:focus,.everest-forms button[type=submit].everest-forms-submit-button:active{-webkit-box-shadow:0 14px 26px -12px rgba(233,30,99,0.42),0 4px 23px 0 rgba(0,0,0,0.12),0 8px 10px -5px rgba(233,30,99,0.2);box-shadow:0 14px 26px -12px rgba(233,30,99,0.42),0 4px 23px 0 rgba(0,0,0,0.12),0 8px 10px -5px rgba(233,30,99,0.2);color:#fff}.form-group.is-focused .form-control{background-image:-webkit-gradient(linear,left top,left bottom,from(#e91e63),to(#e91e63)),-webkit-gradient(linear,left top,left bottom,from(#d2d2d2),to(#d2d2d2));background-image:-webkit-linear-gradient(linear,left top,left bottom,from(#e91e63),to(#e91e63)),-webkit-linear-gradient(linear,left top,left bottom,from(#d2d2d2),to(#d2d2d2));background-image:linear-gradient(linear,left top,left bottom,from(#e91e63),to(#e91e63)),linear-gradient(linear,left top,left bottom,from(#d2d2d2),to(#d2d2d2))}.navbar:not(.navbar-transparent) li:not(.btn):hover>a,.navbar li.on-section:not(.btn)>a,.navbar.full-screen-menu.navbar-transparent li:not(.btn):hover>a,.navbar.full-screen-menu .navbar-toggle:hover,.navbar:not(.navbar-transparent) .nav-cart:hover,.navbar:not(.navbar-transparent) .hestia-toggle-search:hover{color:#e91e63}.header-filter-gradient{background:linear-gradient(45deg,rgba(168,29,132,1) 0,rgb(234,57,111) 100%)}.has-text-color.has-header-gradient-color{color:#a81d84}.has-header-gradient-background-color[class*="has-background"]{background-color:#a81d84}.has-text-color.has-background-color-color{color:#E5E5E5}.has-background-color-background-color[class*="has-background"]{background-color:#E5E5E5}
.btn.btn-primary:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item),input[type="submit"]:not(.search-submit),body:not(.woocommerce-account) .woocommerce .button.woocommerce-Button,.woocommerce .product button.button,.woocommerce .product button.button.alt,.woocommerce .product #respond input#submit,.woocommerce-cart .blog-post .woocommerce .cart-collaterals .cart_totals .checkout-button,.woocommerce-checkout #payment #place_order,.woocommerce-account.woocommerce-page button.button,.woocommerce .track_order button[type="submit"],.nav-cart .nav-cart-content .widget .buttons .button,.woocommerce a.button.wc-backward,body.woocommerce .wccm-catalog-item a.button,body.woocommerce a.wccm-button.button,form.woocommerce-form-coupon button.button,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,div.woocommerce a.button.alt,div.woocommerce table.my_account_orders .button,.btn.colored-button,.btn.btn-left,.btn.btn-right,.btn:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item):not(.hestia-sidebar-open):not(.hestia-sidebar-close){padding-top:15px;padding-bottom:15px;padding-left:33px;padding-right:33px}
:root{--hestia-button-border-radius:3px}.btn.btn-primary:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item),input[type="submit"]:not(.search-submit),body:not(.woocommerce-account) .woocommerce .button.woocommerce-Button,.woocommerce .product button.button,.woocommerce .product button.button.alt,.woocommerce .product #respond input#submit,.woocommerce-cart .blog-post .woocommerce .cart-collaterals .cart_totals .checkout-button,.woocommerce-checkout #payment #place_order,.woocommerce-account.woocommerce-page button.button,.woocommerce .track_order button[type="submit"],.nav-cart .nav-cart-content .widget .buttons .button,.woocommerce a.button.wc-backward,body.woocommerce .wccm-catalog-item a.button,body.woocommerce a.wccm-button.button,form.woocommerce-form-coupon button.button,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,div.woocommerce a.button.alt,div.woocommerce table.my_account_orders .button,input[type="submit"].search-submit,.hestia-view-cart-wrapper .added_to_cart.wc-forward,.woocommerce-product-search button,.woocommerce-cart .actions .button,#secondary div[id^=woocommerce_price_filter] .button,.woocommerce div[id^=woocommerce_widget_cart].widget .buttons .button,.searchform input[type=submit],.searchform button,.search-form:not(.media-toolbar-primary) input[type=submit],.search-form:not(.media-toolbar-primary) button,.woocommerce-product-search input[type=submit],.btn.colored-button,.btn.btn-left,.btn.btn-right,.btn:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item):not(.hestia-sidebar-open):not(.hestia-sidebar-close){border-radius:3px}
@media(min-width:769px){.page-header.header-small .hestia-title,.page-header.header-small .title,h1.hestia-title.title-in-content,.main article.section .has-title-font-size{font-size:42px}}
@media( min-width:480px){}@media( min-width:768px){}.hestia-scroll-to-top{border-radius :50%;background-color:#999}.hestia-scroll-to-top:hover{background-color:#999}.hestia-scroll-to-top:hover svg,.hestia-scroll-to-top:hover p{color:#fff}.hestia-scroll-to-top svg,.hestia-scroll-to-top p{color:#fff}
</style>
<link rel='stylesheet' id='hestia_fonts-css' href='https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Slab%3A400%2C700&#038;subset=latin%2Clatin-ext&#038;ver=3.3.0' type='text/css' media='all' />
<script type="text/javascript" src="https://owasp.or.id/wp-includes/js/jquery/jquery.min.js?ver=3.7.1" id="jquery-core-js"></script>
<script type="text/javascript" src="https://owasp.or.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1" id="jquery-migrate-js"></script>
<link rel="https://api.w.org/" href="https://owasp.or.id/wp-json/" /><link rel="alternate" title="JSON" type="application/json" href="https://owasp.or.id/wp-json/wp/v2/tags/267" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://owasp.or.id/xmlrpc.php?rsd" />
<meta name="generator" content="WordPress 6.8.2" />
<link rel="icon" href="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt-150x150.png" sizes="32x32" />
<link rel="icon" href="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" sizes="192x192" />
<link rel="apple-touch-icon" href="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" />
<meta name="msapplication-TileImage" content="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" />
</head>

<body class="archive tag tag-flaws tag-267 wp-custom-logo wp-theme-hestia header-layout-default">
		<div class="wrapper  default ">
		<header class="header ">
			<div style="display: none"></div>		<nav class="navbar navbar-default  hestia_left navbar-not-transparent navbar-fixed-top">
						<div class="container">
						<div class="navbar-header">
			<div class="title-logo-wrapper">
				<a class="navbar-brand" href="https://owasp.or.id/"
						title="OWASP Jakarta">
					<img  src="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" alt="OWASP Jakarta" width="1667" height="563"></a>
			</div>
								<div class="navbar-toggle-wrapper">
						<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#main-navigation">
								<span class="icon-bar"></span><span class="icon-bar"></span><span class="icon-bar"></span>				<span class="sr-only">Toggle Navigation</span>
			</button>
					</div>
				</div>
		<div id="main-navigation" class="collapse navbar-collapse"><ul id="menu-home" class="nav navbar-nav"><li id="menu-item-386" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-home menu-item-386"><a title="Home" href="https://owasp.or.id">Home</a></li>
<li id="menu-item-383" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-383 dropdown"><a title="Meetup" href="https://owasp.or.id/meetup/" class="dropdown-toggle">Meetup <span class="caret-wrap"><span class="caret"><svg aria-hidden="true" focusable="false" data-prefix="fas" data-icon="chevron-down" class="svg-inline--fa fa-chevron-down fa-w-14" role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><path d="M207.029 381.476L12.686 187.132c-9.373-9.373-9.373-24.569 0-33.941l22.667-22.667c9.357-9.357 24.522-9.375 33.901-.04L224 284.505l154.745-154.021c9.379-9.335 24.544-9.317 33.901.04l22.667 22.667c9.373 9.373 9.373 24.569 0 33.941L240.971 381.476c-9.373 9.372-24.569 9.372-33.942 0z"></path></svg></span></span></a>
<ul role="menu" class="dropdown-menu">
	<li id="menu-item-457" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-457"><a title="Meetup.com" href="https://www.meetup.com/owasp-jakarta-chapter/">Meetup.com</a></li>
</ul>
</li>
<li id="menu-item-385" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-385"><a title="Sitemap" href="https://owasp.or.id/sitemap_index.xml">Sitemap</a></li>
<li id="menu-item-384" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-384"><a title="Contact" href="https://owasp.or.id/contact/">Contact</a></li>
</ul></div>			</div>
					</nav>
				</header>
<div id="primary" class="boxed-layout-header page-header header-small" data-parallax="active" ><div class="container"><div class="row"><div class="col-md-10 col-md-offset-1 text-center"><h1 class="hestia-title">Flaws</h1></div></div></div><div class="header-filter" style="background-image: url(https://owasp.or.id/wp-content/uploads/2023/10/cropped-owaspjkt3.webp);"></div></div>
<div class="main  main-raised ">
	<div class="hestia-blogs" data-layout="full-width">
		<div class="container">
			<div class="row">
								<div class="col-md-10 col-md-offset-1 blog-posts-wrap">
					<article 
		id="post-4569" 
		class="card card-blog card-plain post-4569 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-active tag-cisa tag-critical tag-exploitation tag-flags tag-flaws tag-mitel tag-oracle tag-systems"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2025/01/08/cisa-flags-critical-flaws-in-mitel-and-oracle-systems-amid-active-exploitation/" title="CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2025/01/CISA-Flags-Critical-Flaws-in-Mitel-and-Oracle-Systems-Amid-360x240.jpg" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation" decoding="async" fetchpriority="high" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2025/01/08/cisa-flags-critical-flaws-in-mitel-and-oracle-systems-amid-active-exploitation/" title="CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation" rel="bookmark">CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation</a></h2><div class="card-description entry-summary "><p>CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is as<a class="moretag" href="https://owasp.or.id/2025/01/08/cisa-flags-critical-flaws-in-mitel-and-oracle-systems-amid-active-exploitation/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2025/01/08/cisa-flags-critical-flaws-in-mitel-and-oracle-systems-amid-active-exploitation/"><time class="entry-date published" datetime="2025-01-08T05:10:41+00:00" content="2025-01-08">7 months</time> ago</a> <time class="updated hestia-hidden" datetime="2025-01-08T05:10:41+00:00">January 8, 2025</time></div></div></div></article><article 
		id="post-4531" 
		class="card card-blog card-plain post-4531 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-api tag-apps tag-dynamics tag-flaws tag-microsoft tag-patched tag-power tag-security tag-severe tag-web"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2025/01/02/severe-security-flaws-patched-in-microsoft-dynamics-365-and-power-apps-web-api/" title="Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2025/01/Severe-Security-Flaws-Patched-in-Microsoft-Dynamics-365-and-Power-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API" decoding="async" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2025/01/02/severe-security-flaws-patched-in-microsoft-dynamics-365-and-power-apps-web-api/" title="Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API" rel="bookmark">Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API</a></h2><div class="card-description entry-summary "><p>Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API Details have emerged about three now-patched security vulnerabilities in Dynamics 365 and Power Apps Web API that could result in data exposure. The flaws, discovered by Melbourne-based cybersecurity company Stratus Security, have been addressed as of May<a class="moretag" href="https://owasp.or.id/2025/01/02/severe-security-flaws-patched-in-microsoft-dynamics-365-and-power-apps-web-api/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2025/01/02/severe-security-flaws-patched-in-microsoft-dynamics-365-and-power-apps-web-api/"><time class="entry-date published" datetime="2025-01-02T14:24:12+00:00" content="2025-01-02">7 months</time> ago</a> <time class="updated hestia-hidden" datetime="2025-01-02T14:24:12+00:00">January 2, 2025</time></div></div></div></article><article 
		id="post-4477" 
		class="card card-blog card-plain post-4477 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-attacks tag-cloud tag-devices tag-expose tag-flaws tag-networks039 tag-platform tag-remote tag-ruijie"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/12/25/ruijie-networks-cloud-platform-flaws-could-expose-50000-devices-to-remote-attacks/" title="Ruijie Networks&#039; Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/12/Ruijie-Networks039-Cloud-Platform-Flaws-Could-Expose-50000-Devices-to-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Ruijie Networks&#039; Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks" decoding="async" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/12/25/ruijie-networks-cloud-platform-flaws-could-expose-50000-devices-to-remote-attacks/" title="Ruijie Networks&#039; Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks" rel="bookmark">Ruijie Networks&#039; Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks</a></h2><div class="card-description entry-summary "><p>Ruijie Networks&#039; Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks Cybersecurity researchers have discovered several security flaws in the cloud management platform developed by Ruijie Networks that could permit an attacker to take control of the network appliances. &#8220;These vulnerabilities affect both the Reyee platform, as well as<a class="moretag" href="https://owasp.or.id/2024/12/25/ruijie-networks-cloud-platform-flaws-could-expose-50000-devices-to-remote-attacks/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/12/25/ruijie-networks-cloud-platform-flaws-could-expose-50000-devices-to-remote-attacks/"><time class="entry-date published" datetime="2024-12-25T15:43:06+00:00" content="2024-12-25">7 months</time> ago</a> <time class="updated hestia-hidden" datetime="2024-12-25T15:43:06+00:00">December 25, 2024</time></div></div></div></article><article 
		id="post-4449" 
		class="card card-blog card-plain post-4449 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-critical tag-exploitation tag-firewall tag-flaws tag-hotfixes tag-issues tag-prevent tag-sophos tag-update"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/12/20/sophos-issues-hotfixes-for-critical-firewall-flaws-update-to-prevent-exploitation/" title="Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/12/Sophos-Issues-Hotfixes-for-Critical-Firewall-Flaws-Update-to-Prevent-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/12/20/sophos-issues-hotfixes-for-critical-firewall-flaws-update-to-prevent-exploitation/" title="Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation" rel="bookmark">Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation</a></h2><div class="card-description entry-summary "><p>Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions. Of the three, two are rated Critical in severity.<a class="moretag" href="https://owasp.or.id/2024/12/20/sophos-issues-hotfixes-for-critical-firewall-flaws-update-to-prevent-exploitation/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/12/20/sophos-issues-hotfixes-for-critical-firewall-flaws-update-to-prevent-exploitation/"><time class="entry-date published" datetime="2024-12-20T11:07:41+00:00" content="2024-12-20">7 months</time> ago</a> <time class="updated hestia-hidden" datetime="2024-12-20T11:07:41+00:00">December 20, 2024</time></div></div></div></article><article 
		id="post-4401" 
		class="card card-blog card-plain post-4401 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-alerts tag-campaign tag-cisa tag-expanding tag-exploited tag-fbi tag-flaws tag-hiatusrat tag-raise"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/12/17/cisa-and-fbi-raise-alerts-on-exploited-flaws-and-expanding-hiatusrat-campaign/" title="CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/12/CISA-and-FBI-Raise-Alerts-on-Exploited-Flaws-and-Expanding-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/12/17/cisa-and-fbi-raise-alerts-on-exploited-flaws-and-expanding-hiatusrat-campaign/" title="CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign" rel="bookmark">CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign</a></h2><div class="card-description entry-summary "><p>CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of flaws is below &#8211; CVE-2024-20767 (CVSS<a class="moretag" href="https://owasp.or.id/2024/12/17/cisa-and-fbi-raise-alerts-on-exploited-flaws-and-expanding-hiatusrat-campaign/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/12/17/cisa-and-fbi-raise-alerts-on-exploited-flaws-and-expanding-hiatusrat-campaign/"><time class="entry-date published" datetime="2024-12-17T08:48:41+00:00" content="2024-12-17">7 months</time> ago</a> <time class="updated hestia-hidden" datetime="2024-12-17T08:48:41+00:00">December 17, 2024</time></div></div></div></article><article 
		id="post-4341" 
		class="card card-blog card-plain post-4341 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-actively tag-clfs tag-exploited tag-fixes tag-flaws tag-including tag-microsoft tag-patch tag-vulnerability"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/12/11/microsoft-fixes-72-flaws-including-patch-for-actively-exploited-clfs-vulnerability/" title="Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/12/Microsoft-Fixes-72-Flaws-Including-Patch-for-Actively-Exploited-CLFS-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/12/11/microsoft-fixes-72-flaws-including-patch-for-actively-exploited-clfs-vulnerability/" title="Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability" rel="bookmark">Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability</a></h2><div class="card-description entry-summary "><p>Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability Microsoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its software portfolio, including one that it said has been exploited in the wild. Of the 72 flaws, 17 are<a class="moretag" href="https://owasp.or.id/2024/12/11/microsoft-fixes-72-flaws-including-patch-for-actively-exploited-clfs-vulnerability/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/12/11/microsoft-fixes-72-flaws-including-patch-for-actively-exploited-clfs-vulnerability/"><time class="entry-date published" datetime="2024-12-11T08:18:12+00:00" content="2024-12-11">7 months</time> ago</a> <time class="updated hestia-hidden" datetime="2024-12-11T08:18:12+00:00">December 11, 2024</time></div></div></div></article><article 
		id="post-4293" 
		class="card card-blog card-plain post-4293 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-flaws tag-frameworks tag-learning tag-machine tag-opensource tag-popular tag-researchers tag-uncover"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/12/06/researchers-uncover-flaws-in-popular-open-source-machine-learning-frameworks/" title="Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/12/Researchers-Uncover-Flaws-in-Popular-Open-Source-Machine-Learning-Frameworks-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/12/06/researchers-uncover-flaws-in-popular-open-source-machine-learning-frameworks/" title="Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks" rel="bookmark">Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks</a></h2><div class="card-description entry-summary "><p>Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks Cybersecurity researchers have disclosed multiple security flaws impacting open-source machine learning (ML) tools and frameworks such as MLflow, H2O, PyTorch, and MLeap that could pave the way for code execution. The vulnerabilities, discovered by JFrog, are part of a broader collection<a class="moretag" href="https://owasp.or.id/2024/12/06/researchers-uncover-flaws-in-popular-open-source-machine-learning-frameworks/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/12/06/researchers-uncover-flaws-in-popular-open-source-machine-learning-frameworks/"><time class="entry-date published" datetime="2024-12-06T12:31:59+00:00" content="2024-12-06">8 months</time> ago</a> <time class="updated hestia-hidden" datetime="2024-12-06T12:31:59+00:00">December 6, 2024</time></div></div></div></article><article 
		id="post-4273" 
		class="card card-blog card-plain post-4273 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-active tag-cisa tag-cyberpanel tag-exploitation tag-flaws tag-projectsend tag-warns tag-zyxel"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/12/05/cisa-warns-of-active-exploitation-of-flaws-in-zyxel-projectsend-and-cyberpanel/" title="CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/12/CISA-Warns-of-Active-Exploitation-of-Flaws-in-Zyxel-ProjectSend-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/12/05/cisa-warns-of-active-exploitation-of-flaws-in-zyxel-projectsend-and-cyberpanel/" title="CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel" rel="bookmark">CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel</a></h2><div class="card-description entry-summary "><p>CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple security flaws affecting products from Zyxel, North Grid Proself, ProjectSend, and CyberPanel to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The<a class="moretag" href="https://owasp.or.id/2024/12/05/cisa-warns-of-active-exploitation-of-flaws-in-zyxel-projectsend-and-cyberpanel/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/12/05/cisa-warns-of-active-exploitation-of-flaws-in-zyxel-projectsend-and-cyberpanel/"><time class="entry-date published" datetime="2024-12-05T07:51:57+00:00" content="2024-12-05">8 months</time> ago</a> <time class="updated hestia-hidden" datetime="2024-12-05T07:51:57+00:00">December 5, 2024</time></div></div></div></article><article 
		id="post-4236" 
		class="card card-blog card-plain post-4236 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-clients tag-compromise tag-exploits tag-flaws tag-nachovpn tag-popular tag-system tag-tool tag-vpn"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/12/03/nachovpn-tool-exploits-flaws-in-popular-vpn-clients-for-system-compromise/" title="NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/12/NachoVPN-Tool-Exploits-Flaws-in-Popular-VPN-Clients-for-System-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/12/03/nachovpn-tool-exploits-flaws-in-popular-vpn-clients-for-system-compromise/" title="NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise" rel="bookmark">NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise</a></h2><div class="card-description entry-summary "><p>NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise Cybersecurity researchers have disclosed a set of flaws impacting Palo Alto Networks and SonicWall virtual private network (VPN) clients that could be potentially exploited to gain remote code execution on Windows and macOS systems. &#8220;By targeting the implicit trust<a class="moretag" href="https://owasp.or.id/2024/12/03/nachovpn-tool-exploits-flaws-in-popular-vpn-clients-for-system-compromise/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/12/03/nachovpn-tool-exploits-flaws-in-popular-vpn-clients-for-system-compromise/"><time class="entry-date published" datetime="2024-12-03T11:46:16+00:00" content="2024-12-03">8 months</time> ago</a> <time class="updated hestia-hidden" datetime="2024-12-03T11:46:16+00:00">December 3, 2024</time></div></div></div></article><article 
		id="post-4207" 
		class="card card-blog card-plain post-4207 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-active tag-attacks tag-cloud tag-erp tag-exploited tag-fixes tag-flaws tag-microsoft tag-security"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/11/29/microsoft-fixes-ai-cloud-and-erp-security-flaws-one-exploited-in-active-attacks/" title="Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/11/Microsoft-Fixes-AI-Cloud-and-ERP-Security-Flaws-One-Exploited-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/11/29/microsoft-fixes-ai-cloud-and-erp-security-flaws-one-exploited-in-active-attacks/" title="Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks" rel="bookmark">Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks</a></h2><div class="card-description entry-summary "><p>Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks Microsoft has addressed four security flaws impacting its artificial intelligence (AI), cloud, enterprise resource planning, and Partner Center offerings, including one that it said has been exploited in the wild. The vulnerability that has been tagged with<a class="moretag" href="https://owasp.or.id/2024/11/29/microsoft-fixes-ai-cloud-and-erp-security-flaws-one-exploited-in-active-attacks/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/11/29/microsoft-fixes-ai-cloud-and-erp-security-flaws-one-exploited-in-active-attacks/"><time class="entry-date published" datetime="2024-11-29T12:54:56+00:00" content="2024-11-29">8 months</time> ago</a> <time class="updated hestia-hidden" datetime="2024-11-29T12:54:56+00:00">November 29, 2024</time></div></div></div></article>
	<nav class="navigation pagination" aria-label="Posts pagination">
		<h2 class="screen-reader-text">Posts pagination</h2>
		<div class="nav-links"><span aria-current="page" class="page-numbers current">1</span>
<a class="page-numbers" href="https://owasp.or.id/tag/flaws/page/2/">2</a>
<span class="page-numbers dots">&hellip;</span>
<a class="page-numbers" href="https://owasp.or.id/tag/flaws/page/9/">9</a>
<a class="next page-numbers" href="https://owasp.or.id/tag/flaws/page/2/">Next</a></div>
	</nav>				</div>
							</div>
		</div>
	</div>
</div>
					<footer class="footer footer-black footer-big">
						<div class="container">
																<div class="hestia-bottom-footer-content"><div class="copyright pull-right">Hestia | Developed by <a href="https://themeisle.com" rel="nofollow">ThemeIsle</a></div></div>			</div>
					</footer>
			</div>
<script type="speculationrules">
{"prefetch":[{"source":"document","where":{"and":[{"href_matches":"\/*"},{"not":{"href_matches":["\/wp-*.php","\/wp-admin\/*","\/wp-content\/uploads\/*","\/wp-content\/*","\/wp-content\/plugins\/*","\/wp-content\/themes\/hestia\/*","\/*\\?(.+)"]}},{"not":{"selector_matches":"a[rel~=\"nofollow\"]"}},{"not":{"selector_matches":".no-prefetch, .no-prefetch a"}}]},"eagerness":"conservative"}]}
</script>
<link rel='stylesheet' id='font-awesome-5-all-css' href='https://owasp.or.id/wp-content/themes/hestia/assets/font-awesome/css/all.min.css?ver=1.0.2' type='text/css' media='all' />
<link rel='stylesheet' id='font-awesome-4-shim-css' href='https://owasp.or.id/wp-content/themes/hestia/assets/font-awesome/css/v4-shims.min.css?ver=1.0.2' type='text/css' media='all' />
<script type="text/javascript" src="https://owasp.or.id/wp-content/themes/hestia/assets/bootstrap/js/bootstrap.min.js?ver=1.0.2" id="jquery-bootstrap-js"></script>
<script type="text/javascript" src="https://owasp.or.id/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3" id="jquery-ui-core-js"></script>
<script type="text/javascript" id="hestia_scripts-js-extra">
/* <![CDATA[ */
var requestpost = {"ajaxurl":"https:\/\/owasp.or.id\/wp-admin\/admin-ajax.php","disable_autoslide":"","masonry":"","scroll_offset":"0"};
/* ]]> */
</script>
<script type="text/javascript" src="https://owasp.or.id/wp-content/themes/hestia/assets/js/script.min.js?ver=3.3.0" id="hestia_scripts-js"></script>
</body>
</html>