First published: Mon Feb 26 2024(Updated: )
Hoppscotch is an API development ecosystem. Due to lack of validation for fields like Label (Edit Team) - TeamName, bad actors can send emails with Spoofed Content as Hoppscotch. Part of payload (external link) is presented in clickable form - easier to achieve own goals by malicious actors. This issue is fixed in 2023.12.6.
Credit: security-advisories@github.com
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.