Another #cybersecurity #vulnerability #disclosure for today: Granicus GovQA.
Several critical vulnerabilities were identified in Granicus's GovQA, a platform used by government agencies for case and document management. These vulnerabilities included the leakage of usernames and emails, the ability to reset passwords without answering security questions, and the capability to reset any password without knowing the username.
https://govtech.cc/README-2024-09-26-granicus-govqa.md
#infosec
Jason Parker /
npub17c…lxk5s
2024-09-26 16:52:24
Author Public Key
npub17csmz6jrsukee599d54v88l56a79med2zaeyq5psf0hj6jrkmatsnlxk5sPublished at
2024-09-26 16:52:24Event JSON
{
"id": "c7b101d1c87d0a662c9c86227c6f9732cea4250700846052754446f0a62945f6",
"pubkey": "f621b16a43872d9cd0a56d2ac39ff4d77c5de5aa17724050304bef2d4876df57",
"created_at": 1727369544,
"kind": 1,
"tags": [
[
"t",
"cybersecurity"
],
[
"t",
"vulnerability"
],
[
"t",
"disclosure"
],
[
"t",
"infosec"
],
[
"proxy",
"https://xn--8r9a.com/users/north/statuses/113204890463878852",
"activitypub"
]
],
"content": "Another #cybersecurity #vulnerability #disclosure for today: Granicus GovQA.\n\nSeveral critical vulnerabilities were identified in Granicus's GovQA, a platform used by government agencies for case and document management. These vulnerabilities included the leakage of usernames and emails, the ability to reset passwords without answering security questions, and the capability to reset any password without knowing the username.\n\nhttps://govtech.cc/README-2024-09-26-granicus-govqa.md\n\n#infosec",
"sig": "c7f278f645a63aba70c2bfc67704884ab26919c8c5505b92e0bd386cf12f7fe70da7701dc40e786f1a35daa3352f5c7d2b14fd588876f6e8b2163c2e71eed568"
}