Impact
All rights checks that would normally prevent a user from viewing a document on a wiki can be bypassed using the login action and directly specified templates. This exposes title, content and comments of any document and properties of objects (c…
[org.xwiki.platform:xwiki-platform-web-templates] XWiki Platform Web Templates vulnerable to Unauthorized User Registration Through the Distribution Wizard
Impact
By passing a template of the distribution wizard to the xpart template, user accounts can be created even when user registration is disabled. This also circumvents any email verification. Before versions 14.2 and 13.10.4, this can also be exploi…
[org.xwiki.platform:xwiki-platform-web] XWiki Platform Web Parent POM vulnerable to XSS in the attachment history
Impact
It’s possible to store JavaScript that will be executed by anyone viewing the history of an attachment containing JavaScript in its name.
For example, attaching a file with the name ><img src=1 onerror=alert(1)>.jpg will execute the ale…
[rdiffweb] rdiffweb CSRF vulnerability in profile’s SSH keys can lead to unauthorized access
rdiffweb prior to 2.4.3 is vulnerable to Cross-Site Request Forgery (CSRF). While adding SSH public keys to the profile, the server accepts the GET request, which results in adding an SSH public key to the profile and leads to unauthorized access to th…
[steal] steal vulnerable to Regular Expression Denial of Service via source and sourceWithComments
A Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal via the source and sourceWithComments variable in main.js.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-37262
https://github.com/stealjs/steal/issues/1531
https://g…
[org.eclipse.milo:sdk-server] Eclipse Milo vulnerable to Resource Exhaustion (Denial of Service)
Impact
Denial of Service
Details
OPC UA specification describes a concept named Subscriptions. Subscriptions monitor a set of Monitored Items for Notifications and return them to the Client in response to Publish requests. The server notifies the clien…
[github.com/gravitl/netmaker] Netmaker before 0.15.1 vulnerable to Insufficient Granularity of Access Control
Impact
Improper authorization functions lead to non-privileged users running privileged API calls. If you have added users to your Netmaker platform who should not have admin privileges, they could use their auth token to run admin-level functions via…
[github.com/matrix-org/dendrite] Dendrite signature checks not applied to some retrieved missing events
Impact
Events retrieved from a remote homeserver using /get_missing_events did not have their signatures verified correctly. This could potentially allow a remote homeserver to provide invalid/modified events to Dendrite via this endpoint.
Note that th…
[matrix-appservice-irc] Parsing issue in matrix-org/node-irc leading to room takeovers
Impact
Attackers can specify a specific string of characters, which would confuse the bridge into combining an attacker-owned channel and an existing channel, allowing them to grant themselves permissions in the channel.
Patched
The vulnerability has b…
[Microsoft.AspNetCore.App.Runtime.linux-arm64] .NET Denial of Service Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core 3.1 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A denial…