CVE-2022-28479: Responsible-Vulnerability-Disclosure/CVE-2022-28479 at main · looCiprian/Responsible-Vulnerability-Disclosure

SeedDMS versions 6.0.18 and 5.1.25 and below are vulnerable to stored XSS. An attacker with admin privileges can inject the payload inside the “Role management” menu and then trigger the payload by loading the “Users management” menu.


Description

SeedDMS versions 6.0.18 and 5.1.25 are prone to stored XSS. It is possible to inject JavaScript code inside the “Role management” menu, in the name field, and then trigger the payload by loading the “Users management” menu.

POC

[Figure: Injecting the payload]

[Figure: Triggering the payload]

Remediation

Sanitize user input using the PHP “htmlspecialchars” function.
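As an added illustration of that remediation (example code written here, not SeedDMS's own code or the vendor's fix), the PHP below shows a role name being rendered into an HTML table cell first without encoding and then through htmlspecialchars. The helper name `h()`, the two row-rendering functions and the sample role record are assumptions for the example; the stored role name is a constructed value chosen to show the encoding, not a payload from the page.

```php
<?php
// Added example (not SeedDMS code): rendering a stored role name into HTML.
// The functions, the row layout and the sample record are hypothetical.

declare(strict_types=1);

/**
 * Encode a string for insertion into HTML text or a quoted attribute.
 * ENT_QUOTES encodes both " and ' (so the value is safe inside attributes),
 * ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string,
 * and the charset is stated explicitly rather than relying on the default.
 */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/** Vulnerable pattern: the stored role name is echoed into the page as-is. */
function renderRoleRowUnsafe(array $role): string
{
    return '<tr><td>' . $role['id'] . '</td><td>' . $role['name'] . '</td></tr>';
}

/** Fixed pattern: every user-controlled value is encoded at output time. */
function renderRoleRowSafe(array $role): string
{
    return '<tr><td>' . h((string) $role['id']) . '</td><td>' . h($role['name']) . '</td></tr>';
}

// Constructed sample record: a role whose name contains markup, as someone
// with access to the "Role management" menu could have saved it.
$role = ['id' => 7, 'name' => '<b>editor</b>'];

echo renderRoleRowUnsafe($role), PHP_EOL;
echo renderRoleRowSafe($role), PHP_EOL;
```

Running it prints the unsafe row with the `<b>` tags intact, which a browser would interpret as markup, and the safe row with them turned into `&lt;b&gt;` and `&lt;/b&gt;`, which the browser displays as literal text. Two points worth keeping in mind when applying this: encoding at the point of output (every place the role name is rendered, including the “Users management” page) is more robust than relying on a single sanitisation step at input time, and htmlspecialchars is only the right encoder for HTML text and attribute contexts; a value placed inside a `<script>` block or a JavaScript event handler needs JavaScript-appropriate escaping instead.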

Reference

https://sourceforge.net/p/seeddms/code/ci/9e92524fdbd1e7c3e6771d669f140c62389ec375/

Timeline

  • [28/03/2022] Vulnerability evidence sent to the vendor
  • [28/03/2022] Vulnerability confirmed by the vendor
  • [28/03/2022] Vulnerability fixed by the vendor

Notes

Thanks to the main developer of SeedDMS, Uwe Steinmann, who immediately acknowledged the vulnerability and fixed it.
