Source
ghsa
In certain setups with threaded web servers, Audited's use of `Thread.current` can incorrectly attribute audits to the wrong user. Fixed in 5.3.3. In March, @convisoappsec noticed that the library in question had a race condition, which caused audit logs to be recorded at times under a different user than the one who performed the genuine action.
- The first report of this issue dates from November 2021: https://github.com/collectiveidea/audited/issues/601
- The fix was implemented in the following pull request: https://github.com/collectiveidea/audited/pull/669
- The fix was published in version 5.3.3. RELEASE: https://github.com/collectiveidea/audited/pull/671
### Impact
Users of the MLflow Open Source Project who are hosting the MLflow Model Registry using the ``mlflow server`` or ``mlflow ui`` commands with an MLflow version older than **MLflow 2.3.1** may be vulnerable to a remote file access exploit if they are not limiting who can query their server (for example, by using a cloud VPC, an IP allowlist for inbound requests, or authentication / authorization middleware). This issue only affects users and integrations that run the ``mlflow server`` and ``mlflow ui`` commands. Integrations that do not make use of ``mlflow server`` or ``mlflow ui`` are unaffected; for example, the Databricks Managed MLflow product and MLflow on Azure Machine Learning do not make use of these commands and are not impacted by these vulnerabilities in any way. The vulnerability is very similar to https://nvd.nist.gov/vuln/detail/CVE-2023-1177, and a separate CVE will be published and updated here shortly.
### Patches
This vulnerability has been patched in ...
### Impact
An attacker can use XSS to send a malicious script to any user.
### Patches
Update to version 10.5.21 or apply this patch manually: https://github.com/pimcore/pimcore/commit/6970649f5d3790a1db9ef4324bece0d4cb95366a.patch
### Workarounds
Apply the patch https://github.com/pimcore/pimcore/commit/6970649f5d3790a1db9ef4324bece0d4cb95366a.patch manually.
### References
https://huntr.dev/bounties/24d91b83-c3df-48f5-a713-9def733f2de7/
### Impact
This vulnerability impacts GitHub workflows using the [Gradle Build Action](https://github.com/marketplace/actions/gradle-build-action) that have executed the Gradle Build Tool with the [configuration cache](https://docs.gradle.org/current/userguide/configuration_cache.html) enabled, potentially exposing secrets configured for the repository. Secrets configured for GitHub Actions are normally passed to the Gradle Build Tool via environment variables. Due to the way that the Gradle Build Tool records these environment variables, they may be persisted into an entry in the GitHub Actions cache. This data stored in the GitHub Actions cache can be read by a GitHub Actions workflow running in an untrusted context, such as one running for a Pull Request submitted by a developer via a repository fork. This vulnerability was discovered internally through code review, and we have not seen any evidence of it being exploited in the wild. However, in addition to upgrading the Gradle ...
phpMyFAQ prior to 3.1.13 has a stored cross-site scripting vulnerability in the `name` field of the add-question module. This allows an attacker to steal user cookies.
Command execution vulnerability in the ActionEnter class in jfinal CMS version 5.1.0 allows attackers to execute arbitrary code via a crafted JSON file sent to the ueditor route.
Concrete CMS (previously concrete5) before 9.2 is vulnerable to stored XSS on API Integrations via the name parameter.
Concrete CMS (previously concrete5) before 9.1 is vulnerable to Stored XSS in uploaded file and folder names.
Concrete CMS (previously concrete5) before 9.1 is vulnerable to stored XSS in RSS Displayer via the href attribute because the link element input was not sanitized.
Concrete CMS (previously concrete5) before 9.1 did not have a rate limit for password resets.