resolved
DOM XSS in `fizzy.do` import filename preview enables one-click victim account takeover
Bug reported by XavLimSG was disclosed on April 14, 2026, 9:36 pm | Cross-site Scripting (XSS) - DOM
A DOM XSS vulnerability was discovered in the file import functionality of the Fizzy application. An attacker could craft a malicious filename that, when previewed by the victim user, injected a second form submission into the import page. This enabled the attacker to perform actions on the victim's account using the victim's authenticated session, such as changing the email address, creating a personal access token, and deleting the account.
resolved
Improper Access Control in `fizzy.do` import flow allows cross-tenant ActionText reference resolution and data disclosure
Bug reported by XavLimSG was disclosed on April 14, 2026, 7:25 pm | Improper Access Control - Generic
The vulnerability allowed cross-tenant ActionText reference resolution and data disclosure during the account import flow. The import process did not verify ownership of the referenced records before minting signed global IDs, enabling an attacker to access and disclose data belonging to other accounts.
resolved
[Variation of #3321406] YetAnother 1-Click Chaining of Self-XSS, Cookie Tossing and AntiCSRF Token Prediction leads to auto approval in AccessTempAuth
Bug reported by Nishant was disclosed on April 14, 2026, 5:54 am | Cross-site Scripting (XSS) - Stored
A vulnerability in Cloudflare Access involving the Browser Isolation email field was discovered, which could allow for unauthorized approvals within the Temporary Auth workflow. The issue has been fully remediated.
resolved
[Variation of #1554049] 1-Click Chaining of Self-XSS, Cookie Tossing and AntiCSRF Token Prediction leads to auto approval in Access Temp Auth
Bug reported by Nishant was disclosed on April 14, 2026, 5:53 am
A vulnerability was discovered in Cloudflare Access that could allow for unauthorized approvals within the Temporary Auth workflow. The issue was resolved after the researcher reported it to Cloudflare.