CVE-2021-4049: csrf for logout url · LiveHelperChat/livehelperchat@e7fe1aa

livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)


@@ -30,7 +30,7 @@

<a title="<?php echo erTranslationClassLhTranslation::getInstance()->getTranslation(‘chat/user_settings’,’Toggle between dark and white themes’);?>" href="<?php echo erLhcoreClassDesign::baseurl(‘front/switchdashboard’)?>/(action)/mode" class="dropdown-item pl-2"><span class="material-icons">settings_brightness</span><?php echo erTranslationClassLhTranslation::getInstance()->getTranslation(‘pagelayout/pagelayout’,’Dark/bright’);?></a>

</div>

<div class="col-6">

<a class="dropdown-item pl-2" href="<?php echo erLhcoreClassDesign::baseurl(‘user/logout’)?>" title="<?php echo erTranslationClassLhTranslation::getInstance()->getTranslation(‘pagelayout/pagelayout’,’Logout’);?>"><i class="material-icons">exit_to_app</i><?php echo erTranslationClassLhTranslation::getInstance()->getTranslation(‘pagelayout/pagelayout’,’Logout’);?></a>

<a class="dropdown-item pl-2" onclick="$(this).attr('href’,$(this).attr(‘href’)+’/(csfr)/’+confLH.csrf_token)" href="<?php echo erLhcoreClassDesign::baseurl(‘user/logout’)?>" title="<?php echo erTranslationClassLhTranslation::getInstance()->getTranslation(‘pagelayout/pagelayout’,’Logout’);?>"><i class="material-icons">exit_to_app</i><?php echo erTranslationClassLhTranslation::getInstance()->getTranslation(‘pagelayout/pagelayout’,’Logout’);?></a>

</div>

</div>
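
Review bot: on the new logout anchor the CSRF token is attached only by the onclick handler, which rewrites href to href + '/(csfr)/' + confLH.csrf_token at click time. Any path that follows the link without firing that handler (JavaScript disabled, "open in new tab" from the context menu) requests user/logout with no token and so leaves a legitimate user unable to log out once the server enforces the check, and every handled click that does not navigate away appends the segment to href again. The token also travels in the URL path of a GET request, where it can end up in browser history, server access logs and Referer headers; a small POST form carrying the token in a hidden field would avoid that, or at minimum the token could be rendered into href server-side instead of being patched in by script. The segment is spelled csfr rather than csrf, so whatever name is kept has to match what user/logout reads, and that server-side validation, which is the part that actually rejects a forged logout request, is not visible in this hunk and should be confirmed alongside it.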
