Impact
The admin and monitor user groups need to be authenticated by username and password. If the X-Requested-With: XMLHttpRequest field is deleted from the request header, the authentication is bypassed.
Patches
https://github.com/brockercap/Bifrost…
[oro/commerce] OroCommerce Cross site scripting vulnerability during shipping rule editing for UPS integration
Impact
The shipping rule edit page is vulnerable to a cross-site scripting (XSS) payload added to the UPS Surcharge field. The attacker must have permission to create or edit a shipping rule.
References
https://github.com/oroinc/orocommerce/security/advisorie…
[mobsf] MobSF allows attackers to read arbitrary files via a crafted HTTP request
Mobile Security Framework (MobSF) v0.9.2 and below was discovered to contain a local file inclusion (LFI) vulnerability in the StaticAnalyzer/views.py script. This vulnerability allows attackers to read arbitrary files via a crafted HTTP request.
Refer…
[nokogiri] Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
Summary
Nokogiri v1.13.9 upgrades the packaged version of its dependency libxml2 to v2.10.3 from v2.9.14.
libxml2 v2.10.3 addresses the following known vulnerabilities:
CVE-2022-2309
CVE-2022-40304
CVE-2022-40303
Please note that this advisory only a…
[io.dataease:dataease-plugin-common] MySQL JDBC deserialization vulnerability
Impact
In DataEase, the MySQL data source in the data source function lets the user customize the JDBC connection parameters and the target MySQL server to connect to.
In backend/src/main/java/io/dataease/provider/datasource/JdbcProvider.java, MysqlConfigurat…
[github.com/cheqd/cheqd-node] Potential inter-blockchain communication (IBC) protocol compromise via “Dragonberry” vulnerability in cheqd
Impact
This vulnerability affects IBC transfers due to a security vulnerability dubbed “Dragonberry” upstream in Cosmos SDK. The vulnerability could allow malicious attackers to compromise chain-to-chain IBC transfers.
There is no vulnerability in the …
[@keystone-6/core] Field-level access-control bypass for multiselect field
Impact
Users of @keystone-6/core@2.2.0 || 2.3.0 who use the multiselect field and have provided field-level access control are vulnerable: that field-level access control is not applied.
List-level access control is NOT affected.
Field-level access…
[parse-server] parse-server crashes when receiving file download request with invalid byte range
Impact
Parse Server crashes when a file download request is received with an invalid byte range.
Patches
Improved parsing of the range parameter to properly handle invalid range requests.
Workarounds
None
References
GHSA-h423-w6qv-2wj3
ht…
[minimatch] minimatch ReDoS vulnerability
A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.
References
https://nvd.nist.gov/vuln/d…
[py] ReDoS in py library when used with subversion
The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled.
The particular code…