Markdownify version 1.4.1 allows an external attacker to remotely obtain arbitrary local files on any client that attempts to view a malicious markdown file through Markdownify. This is possible because the application does not have a CSP policy (or at…
[fastest-json-copy] fastest-json-copy vulnerable to Prototype Pollution
fastest-json-copy version 1.0.1 allows an external attacker to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the __proto__ property to be edited.
Refe…
[deep-parse-json] deep-parse-json vulnerable to Prototype Pollution
deep-parse-json version 1.0.2 allows an external attacker to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the __proto__ property to be edited.
Refere…
[deep-object-diff] deep-object-diff vulnerable to Prototype Pollution
deep-object-diff before version 1.1.6 allows an external attacker to edit or add new properties to an object. This is possible because the application does not properly validate incoming JSON keys, thus allowing the __proto__ property to be edited. Thi…
[org.apache.uima:uimaj-core] Apache UIMA Path Traversal vulnerability
A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apac…
[opencart/opencart] OpenCart allows users on admin page to obtain database information or read server files through SQL injection
OpenCart 3.0.3.7 allows users to obtain database information or read server files through SQL injection in the admin backend.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-37823
https://medium.com/@nowczj/sql-injection-exists-in-the-background-of-…
[org.kairosdb:kairosdb] Reflected Cross-site scripting (XSS) in kairosdb
KairosDB through 1.2.2 has XSS in view.html because of showErrorMessage in js/graph.js, as demonstrated by view.html?q= with a '"sampling":{"value":"
[@keystone-6/core] @keystone-6/core’s NODE_ENV defaults to development with esbuild
Impact
@keystone-6/core@3.0.0 || 3.0.1 users that use NODE_ENV in their own code (not dependencies) to trigger security-sensitive functionality in a production build are vulnerable to NODE_ENV being inlined to “development” for user code.
If your depen…
[in2code/femanager] TYPO3 Extension femanager vulnerable to Broken Access Control
The TYPO3 Extension femanager prior to versions 5.5.2, 6.3.3, and 7.0.1 is vulnerable to broken access control. The usergroup.inList validation can be bypassed, so that new frontend users created by the extension may be members of groups that are r…
[tribalsystems/zenario] Tribal Systems Zenario CMS vulnerable to Cross-site Scripting
A vulnerability has been found in Tribal Systems Zenario CMS prior to version 8.5.51340. Affected by this issue is some unknown functionality of the file admin_organizer.js of the component Error Log Module. The manipulation leads to cross site scripti…