Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-32671: Multiple Vulnerabilities Budyboss | INCIBE-CERT

A stored XSS vulnerability has been found on BuddyBoss Platform affecting version 2.2.9. This vulnerability allows an attacker to store a malicious javascript payload via POST request when sending an invitation.

CVE
#xss#vulnerability#web#java#wordpress#auth

Affected Resources

WordPress sites using BuddyBoss Platform version 2.2.9.

Description

INCIBE has coordinated the publication of 3 vulnerabilities in BuddyBoss Platform, which has been discovered by Anxo Januario Gonzales.

These vulnerabilities have been assigned the following codes:

  • CVE-2023-32669:
    • CVSS v3.1 base score: 5,4.
    • CVSS vector string: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N.
    • Vulnerability type: CWE-639: authorization bypass through user-controlled Key
  • CVE-2023-32670:
    • CVSS v3.1 base score: 9,0.
    • CVSS vector string: AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H.
    • Vulnerability type: CWE-79: improper neutralization of input during web page generation (‘Cross-site Scripting’).
  • CVE-2023-32671:
    • CVSS v3.1 base score: 6,3.
    • CVSS vector string: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N.
    • Vulnerability type: CWE-79: improper neutralization of input during web page generation (‘Cross-site Scripting’).

Solution

No solution has been identified at this time.

Detail

  • CVE-2023-32669: authorization bypass vulnerability, the exploitation of which could allow an authenticated user to access and rename other users’ albums. This vulnerability can be exploited by changing the album identification (id).
  • CVE-2023-32670: Cross-Site Scripting vulnerability, which could allow a local attacker with basic privileges to execute a malicious payload through the "[name]=image.jpg" parameter, allowing to assign a persistent javascript payload that would be triggered when the associated image is loaded.
  • CVE-2023-32671: Stored Cross-Site Scripting vulnerability, the exploitation of which could allow an attacker to store a malicious javascript payload via a POST request when sending an invitation to another user.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907