SyncFusion: CVE-2023-26563/4/5

We discovered multiple high severity CVEs in Syncfusion’s software and discuss the advantages and disadvantages of utilising third-party solutions in your software.

This blog goes into detail about the issues themselves and the corresponding risks that they pose to businesses.

From Previewing Files to Cracking Hashes

In August 2022, we completed a web application penetration test for a relatively new client. The scope was a pre-existing web application that allowed users to manage their calendars, plan events, upload documents and manage their accounts.

The application had been tested by a previous penetration testing supplier and received a clean bill of health, but that all changed once we had our hands on it…