Blog
In our blog, we report on pentesting, red teaming, and the latest news from MindBytes.
We assign our articles to categories. This gives you a quick overview of all articles in a category when needed:
Pentesting & Red Teaming | CVEs | MindBytes – Update! | Vulnerabilities & where to find them
Cross-Site Scripting in Qiata (CVE-2025-45850)
Unauthorized Access to Files in Qiata (CVE-2025-45849)
Affected Product: Qiata by SECUDOS Version 4.00.00–4.17.00CVSS Score (v3.1): 5.3 (Medium)Assigned CVE: CVE-2025-45849Recommendation: Update to Version 4.18.00Credit: Nina Wagner from MindBytes GmbHUsers can access files or their previews for which they are not...
March 2025 – Our Monthly Update
Short & sweet: 🎨 A colorful project mix featuring external infrastructure, Active Directory, web applications, and an extensive combination of web application pentesting + source code audits 📖 Created online content for the book "Pentests erfolgreich umsetzen"...
What was happening at MindBytes in February 2025?
Quite a lot! Here's a quick summary: 🩷 Since February, we've introduced employee benefits.⚓ For Christian, Simon, and Nina, a regular meeting in Hamburg was scheduled, combined with a seminar on body language and rhetoric. Conclusion: A super exciting experience,...
First month of the 3rd fiscal year complete
It's quite exciting that on one hand we've "only" been active for 16 months, yet we're already in our third fiscal year, isn't it? Anyway – here is our usual monthly review. We are currently in the final stages of several internal (major) projects: 📄 Internal audit...