by Karthikeyan Jayaraman | Dec 15, 2020
We discovered a stored cross site scripting (XSS) vulnerability on Vera, a platform for online proofing and custom workflows used in the printing industry. An authenticated user could leverage the last name field in the User module of the system to execute a stored...
by John Randall | Oct 29, 2020
Adversary versus target; all organizations participate in this daily cat-and-mouse. Organizations initially fought this battle on the technology front. Miss something? Find another new technology to address the gap. Over time, technology delivered interesting intel,...
by Julien Pineault | Sep 3, 2020
At GoSecure, we work hard to illustrate the impact of our pentest findings on our clients’ security posture. In the past few years, we found numerous organizations with vulnerable Windows Server Update Services (WSUS) deployments. However, no tool (reliable enough to...
by Karthikeyan Jayaraman | Jun 11, 2020
An Authenticated Remote Code Execution (RCE) vulnerability was discovered on Vera, a platform for digital asset management used in the printing industry. The application allows an authenticated user to change the logo on the Website. An attacker can use this feature...