Security Links
XWiki is a generic wiki platform. In versions starting from 1.8 and prior to 15.10.16, 16.4.6, and 16.10.1, it is possible for a remote unauthenticated user to escape from the HQL execution context and perform a blind SQL injection to execute arbitrary SQL statements on the database backend, including when "Prevent unregistered users from viewing pages, regardless of the page rights" and "Prevent unregistered users from editing pages, regardless of the page rights" options are enabled. Depending on the used database backend, the attacker may be able to not only obtain confidential information such as password hashes from the database, but also execute UPDATE/INSERT/DELETE queries. This issue has been patched in versions 16.10.1, 16.4.6 and 15.10.16. There is no known workaround, other than upgrading XWiki.
#FORUM
HackerSploit Forum

Community Of Hackers & Security Professionals.

https://forum.hackersploit.org/
Reddit - SecurityClearance

A place to ask questions and share advice about the security clearance process.

https://www.reddit.com/r/SecurityClearance/
Reddit Blackhat

Hacking techniques and research. Focused on the ongoing discussion and documentation of vulnerabilities and exploitation techniques. Please read the rules before posting here.

https://www.reddit.com/r/blackhat/
Reddit r/threatintel

Sharing of information about threats, vulnerabilities, tools and trends across the security industry.

https://www.reddit.com/r/threatintel/
Hashcat Forum

Forum for Hashcat.

https://hashcat.net/forum/
HACKLIDO

Unleash your creativity with Hacklido. where content meets connection! Discover a world where you can freely express your ideas and connect with your future biggest fans. With Hacklido, you don't need to build everything from scratch – we provide the platform, and you bring the magic.

https://hacklido.com/
Reddit - PrivacyGuides

Tools and Resources for Protecting Your Data.

https://www.reddit.com/r/PrivacyGuides/
Information Security Stack Exchange

A question and answer site for information security professionals.

https://security.stackexchange.com/
BreachForums

A black hat hacking crime forum.

https://breachforums.st/
Infosec Exchange

Mastdon channel for security.

https://infosec.exchange/explore
Reddit - Hacking

A subreddit dedicated to hacking and hackers. Constructive collaboration and learning about exploits, industry standards, grey and white hat hacking, new hardware and software hacking technology, sharing ideas and suggestions for small business and personal security.

https://www.reddit.com/r/hacking/
Security Boulevard - Security Bloggers Network

Security Bloggers Network has been promoting and distributing Cybersecurity news and blogs from some of the leading experts in the security industry for over 12 years.

https://securityboulevard.com/security-bloggers-network/
UnKnoWnCheaTs

Multiplayer Game Hacking and Cheats. We encourage an open, free and collaborative environment for cheating in games. We supply content and information for game cheats and game hacking through our forum, download database, and structured tutorials.

https://www.unknowncheats.me/forum/portal.php
Reddit - Redteamsec

A subreddit dedicated to red and blue teaming content.

https://www.reddit.com/r/redteamsec/
Reddit - Malware

A place for malware reports and information.

https://www.reddit.com/r/Malware/
Reddit - Antirus

For all of your Antivirus needs.

https://www.reddit.com/r/antivirus/
Reddit - Web Security Research

A community for sharing and discussing novel web security research.

https://www.reddit.com/r/websecurityresearch/
Reddit - Cybersecurity

This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

https://www.reddit.com/r/cybersecurity/
Reverse Engineering Stack Exchange

A question and answer site for researchers and developers who explore the principles of a system through analysis of its structure, function, and operation.

https://reverseengineering.stackexchange.com/