The blog discusses how accessibility laws in APAC and Latin America are evolving, making compliance a business-critical need. It also explores regional legal updates and how AI-powered accessibility testing helps ensure inclusion, reduce risk and support ethical, user-friendly design.
The post Digital Accessibility Is Rising: Here’s How APAC and LATAM Are Leading the Shift first appeared on TestingXperts.
Development
What is the notion of Suite in Before/After Suite annotation? Unlike Before/After Class and Method, I never had to use them. Suite I think can’t be the same thing as Java package, since classes with @Test annotations can be put in different packages. Is that so?
Citrix Patches Critical Vulns in NetScaler ADC and Gateway
Source: Vladimir Sotnichenko via Alamy Stock PhotoNEWS BRIEFCitrix has fixed a critical vulnerability, tracked as CVE-2025-5777, found within NetScaler ADC and NetScaler Gateway.The vulnerability, ass …
Read more
Published Date:
Jun 23, 2025 (3 hours, 47 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-5777
CVE-2025-5349
CVE-2023-6549
CVE-2023-6548
CVE-2023-4966
Canadian telecom hacked by suspected China state group
Hackers suspected of working on behalf of the Chinese government exploited a maximum-severity vulnerability, which had received a patch 16 months earlier, to compromise a telecommunications provider i …
Read more
Published Date:
Jun 23, 2025 (3 hours, 30 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2024-20399
CVE-2023-20273
CVE-2023-20198
CVE-2018-0171
Salt Typhoon Targets Telecoms via Router Flaws, Warn FBI and Canada
A newly released advisory from the FBI and Canada’s Cyber Centre warns of an ongoing cyber espionage campaign by a China-linked group that is targeting telecom networks worldwide. The report, issued J …
Read more
Published Date:
Jun 23, 2025 (32 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2023-20198
CVE ID : CVE-2023-47029
Published : June 23, 2025, 6:15 p.m. | 2 hours, 47 minutes ago
Description : An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted POST request to the UserService component
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-49126
Published : June 23, 2025, 6:15 p.m. | 4 hours, 29 minutes ago
Description : Visionatrix is an AI Media processing tool using ComfyUI. In versions 1.5.0 to before 2.5.1, the /docs/flows endpoint is vulnerable to a Reflected XSS (Cross-Site Scripting) attack allowing full takeover of the application and exfiltration of secrets stored in the application. The implementation uses the get_swagger_ui_html function from FastAPI. This function does not encode or sanitize its arguments before using them to generate the HTML for the swagger documentation page and is not intended to be used with user-controlled arguments. Any user of this application can be targeted with a one-click attack that can takeover their session and all the secrets that may be contained within it. This issue has been patched in version 2.5.1.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-6517
Published : June 23, 2025, 6:15 p.m. | 2 hours, 47 minutes ago
Description : A vulnerability was found in Dromara MaxKey up to 4.1.7 and classified as critical. This issue affects the function Add of the file maxkey-websmaxkey-web-mgtsrcmainjavaorgdromaramaxkeywebappscontorllerSAML20DetailsController.java of the component Meta URL Handler. The manipulation of the argument post leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-49144
Published : June 23, 2025, 7:15 p.m. | 1 hour, 47 minutes ago
Description : Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social engineering or clickjacking to trick users into downloading both the legitimate installer and a malicious executable to the same directory (typically Downloads folder – which is known as Vulnerable directory). Upon running the installer, the attack executes automatically with SYSTEM privileges. This issue has been fixed and will be released in version 8.8.2.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-50349
Published : June 23, 2025, 7:15 p.m. | 1 hour, 47 minutes ago
Description : PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-teacher-pic.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-50348
Published : June 23, 2025, 7:15 p.m. | 1 hour, 47 minutes ago
Description : PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-class-pic.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-6545
Published : June 23, 2025, 7:15 p.m. | 1 hour, 47 minutes ago
Description : Improper Input Validation vulnerability in pbkdf2 allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/to-buffer.Js.
This issue affects pbkdf2: from 3.0.10 through 3.1.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-6518
Published : June 23, 2025, 7:15 p.m. | 1 hour, 47 minutes ago
Description : A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected is the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/single_llm_call.py of the component Jinja2 Template Handler. The manipulation of the argument user_message leads to improper neutralization of special elements used in a template engine. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-6547
Published : June 23, 2025, 7:15 p.m. | 1 hour, 47 minutes ago
Description : Improper Input Validation vulnerability in pbkdf2 allows Signature Spoofing by Improper Validation.This issue affects pbkdf2:
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-2828
Published : June 23, 2025, 9:15 p.m. | 1 hour, 29 minutes ago
Description : A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit component of the langchain-community package (specifically, langchain_community.agent_toolkits.openapi.toolkit.RequestsToolkit) in langchain-ai/langchain version 0.0.27. This vulnerability occurs because the toolkit does not enforce restrictions on requests to remote internet addresses, allowing it to also access local addresses. As a result, an attacker could exploit this flaw to perform port scans, access local services, retrieve instance metadata from cloud environments (e.g., Azure, AWS), and interact with servers on the local network. This issue has been fixed in version 0.0.28.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52562
Published : June 23, 2025, 9:15 p.m. | 1 hour, 29 minutes ago
Description : Convoy is a KVM server management panel for hosting businesses. In versions 3.9.0-rc3 to before 4.4.1, there is a directory traversal vulnerability in the LocaleController component of Performave Convoy. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious locale and namespace parameters. This allows the attacker to include and execute arbitrary PHP files on the server. This issue has been patched in version 4.4.1. A temporary workaround involves implementing strict Web Application Firewall (WAF) rules to incoming requests targeting the vulnerable endpoints.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Canada says Salt Typhoon hacked telecom firm via Cisco flaw
The Canadian Centre for Cyber Security and the FBI confirm that the Chinese state-sponsored ‘Salt Typhoon’ hacking group is also targeting Canadian telecommunication firms, breaching a telecom provide …
Read more
Published Date:
Jun 23, 2025 (3 hours, 27 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2023-20198
Critical Teleport Vulnerability Let Attackers Remotely Bypass Authentication Controls
Summary
1. CVE-2025-49825 allows attackers to remotely bypass Teleport’s authentication controls, affecting multiple versions of the secure access platform.
2. Teleport has issued security updates for …
Read more
Published Date:
Jun 23, 2025 (2 hours, 45 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-49825
CVE ID : CVE-2025-2172
Published : June 23, 2025, 2:15 p.m. | 4 hours, 9 minutes ago
Description : Aviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 fail to sanitize user input prior to passing the input to command line utilities, allowing command injection via special characters in filenames
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52542
Published : June 23, 2025, 2:15 p.m. | 4 hours, 9 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…