Advertising My Insecurities

Advertising My Insecurities

When applications respond to our HTTP requests they include information about the response, how the browser should handle the response (i.e. avoid unsafe javascript) and also with some information about the server. Some applications out there advertise their

Using the Network tab in your browser's developer tools, can you find out what insecure version of software this page is (pretending to be) running on?

Your next challenge is to find a vulnerability a CVSS score of 9.8 (any of the 3 is fine). Specifically it is the CVE name that we want.

Server Version:
CVE Name:
Hint for finding the vulnerability The Google seearch "Drupal Core 10.3.x vulnerabilities" or "Drupal Core 10.3.x CVE" should get plenty hits. You could also use use the NIST NVD search feature and search for Drupal Core. As a final hint, the three we're interested in were reported in 2024.
Created by Richard Adams Activities Home :: Resources