Security
Headlines
HeadlinesLatestCVEs

Source

ghsa

GHSA-4pqp-69m3-f8pp: NotrinosERP vulnerable to SQL Injection

NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at `/NotrinosERP/sales/customer_delivery.php`.

ghsa
Open in Source
#sql#vulnerability#git#php
GHSA-hh52-g5c4-wprh: Moodle may allow authenticated users to enumerate other user's names via learning plans page

Authenticated users were able to enumerate other users' names via the learning plans page.

GHSA-72w2-j52c-7682: Moodle SQL Injection vulnerability

Insufficient validation of profile field availability condition resulted in an SQL injection risk (by default only available to teachers and managers).

GHSA-56r9-72vx-q989: Moodle arbitrary file read vulnerability

Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default.

GHSA-q2x3-2f9g-h559: Moodle's Mustache pix helper contained a potential Mustache injection risk if combined with user input

The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS).

GHSA-9f45-9qrw-pp4v: Moodle vulnerable to Cross-site Scripting when algebra filter enabled but not functional

If the algebra filter was enabled but not functional (eg the necessary binaries were missing from the server), it presented an XSS risk.

GHSA-wxmq-v9gx-75pg: Moodle vulnerable to Cross-site Request Forgery

The link to reset all templates of a database activity did not include the necessary token to prevent a CSRF risk.

GHSA-77jm-f3vj-xvx2: Moodle vulnerable to Cross-site Scripting

Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk.

GHSA-prjm-2fj2-787f: Moodle may allow teachers to access the names of users they could not otherwise access

Insufficient filtering of grade report history made it possible for teachers to access the names of users they could not otherwise access.

GHSA-493p-pfq6-5258: json-smart Uncontrolled Recursion vulnerabilty

### Impact Affected versions of [net.minidev:json-smart](https://github.com/netplex/json-smart-v1) are vulnerable to Denial of Service (DoS) due to a StackOverflowError when parsing a deeply nested JSON array or object. When reaching a ‘[‘ or ‘{‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the 3PP does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software. ### Patches This vulnerability was fixed in json-smart version 2.4.9, but the maintainer recommends upgrading to 2.4.10, due to a remaining bug. ### Workarounds N/A ### References - https://www.cve.org/CVERecord?id=CVE-2023-1370 - https://nvd.nist.gov/vuln/detail/CVE-2023-1370 - https://security.snyk.io/vuln/SNYK-JAVA-NETMINIDEV-3369748