Reports - PrivateBin

Vulnerability Report: Bypass of YOURLS proxy URL filter allows shortening URLs via YOURLs for other domains rather than the PrivateBin instance

Date Tuesday, 09. July 2024 Tags PrivateBin / Security

A bypass of the YOURLS proxy URL filter has been mitigated in PrivateBin 1.7.4.

more ...

Vulnerability Report: Persistent Cross-site Scripting (XSS) vulnerability in SVG attachments in PrivateBin < v1.4.0

Date Saturday, 09. April 2022 Tags PrivateBin / Security

An XSS vulnerability was found in the SVG attachment preview, which has been mitigated in PrivateBin v1.4.0.

more ...

Vulnerability Report: Persistent XSS vulnerability in filename of attached file in PrivateBin

Date Saturday, 11. January 2020 Tags PrivateBin / Security

On 25th of December 2019 an XSS vulnerability has been discovered, which has been fixed in PrivateBin v1.3.2 & v1.2.2.

more ...

Vulnerability Report

Date Saturday, 11. August 2018 Tags PrivateBin / Security

On 31st of August, @cryptolok reported a cryptographic vulnerability in PrivateBin, which has been fixed in PrivateBin v1.2.1.

more ...

Vulnerability Report

Date Tuesday, 10. October 2017 Tags PrivateBin / Security

On 29th of September, @pstn reported a medium data leak vulnerability in PrivateBin, which has been fixed in PrivateBin v1.1.1.

more ...

Measures taken after the 2014 ZeroBin security audit

Date Wednesday, 24. August 2016 Tags PrivateBin / Security / Audit

Measures taken against the issues raised in the 2014 ZeroBin security audit.

more ...

About the PrivateBin Project

PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted / decrypted in the browser using 256bit AES in Galois Counter mode.

Links