#auth

### Impact Two related XXE injection possibilities have been discovered, **impacting all versions of DSpace prior to 7.6.4, 8.2 and 9.1**. 1. External entities are not disabled when parsing XML files during import of an archive (in [Simple Archive Format](https://wiki.lyrasis.org/pages/viewpage.action?pageId=104566653)), either from command-line (`./dspace import` command) or from the "Batch Import (Zip)" user interface feature. _(Likely impacts all versions of DSpace 1.x <= 7.6.3, 8.0 <= 8.1, and 9.0)_ 2. External entities are also not explicitly disabled when parsing XML responses from some upstream services (ArXiv, Crossref, OpenAIRE, Creative Commons) used in [import from external sources](https://wiki.lyrasis.org/pages/viewpage.action?pageId=104566672) via the user interface or REST API. _(Impacts all versions of DSpace 7.0 <= 7.6.3, 8.0 <= 8.1 and 9.0)_ An XXE injection in these files may result in a connection being made to an attacker's site or a local path readable by the ...

Beware! SVG images are now being used with obfuscated JavaScript for stealthy redirect attacks via spoofed emails. Get insights from Ontinue's latest research on detection and defence.

The MCP Server at https://github.com/Sunwood-ai-labs/github-kanban-mcp-server/ is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. ## Vulnerable tool The MCP Server exposes the tool `add_comment` which relies on Node.js child process API `exec` to execute the GitHub (`gh`) command, is an unsafe and vulnerable API if concatenated with untrusted user input. Data flows from the tool definition [here](https://github.com/Sunwood-ai-labs/github-kanban-mcp-server/blob/main/src/handlers/tool-handlers.ts#L79) which takes in `args.issue_number` and calls `handleAddComment()` in [this definitino](https://github.com/Sunwood-ai-labs/github-kanban-mcp-server/blob/main/src/handlers/comment-handlers.ts#L8) that uses `exec` in an insecure way. Vulnerable line of code: https://github.com/Sunwood-ai-labs/github-kanban-mcp-server/blob/main/src/handlers/comment-handlers.ts#L8-L23 ```js export async func...

#### Summary An unsafe JavaScript evaluation vulnerability in pyLoad’s CAPTCHA processing code allows **unauthenticated remote attackers** to execute **arbitrary code** in the client browser and potentially the backend server. Exploitation requires no user interaction or authentication and can result in session hijacking, credential theft, and full system rce. #### Details The vulnerable code resides in ```javascript function onCaptchaResult(result) { eval(result); // Direct execution of attacker-controlled input } ``` * The `onCaptchaResult()` function directly passes CAPTCHA results (sent from the user) into `eval()` * No sanitization or validation is performed on this input * A malicious CAPTCHA result can include JavaScript such as `fetch()` or `child_process.exec()` in environments using NodeJS * Attackers can fully hijack sessions and pivot to remote code execution on the server if the environment allows it ### Reproduction Methods 1. **Official Source Installation**:...

### Summary Directus Flows with a manual trigger are not validating whether the user triggering the Flow has permissions to the items provided as payload to the Flow. Depending on what the Flow is set up to do this can lead to the Flow executing potential tasks on the attacker's behalf without authenticating. ### Impact Bad actors could execute the manual trigger Flows without authentication, or access rights to the said collection(s) or item(s). Users with manual trigger Flows configured are impacted as these endpoints do not currently validate if the user has read access to `directus_flows` or to the relevant collection/items. The manual trigger Flows should have tighter security requirements as compared to webhook Flows where users are expected to perform do their own checks. ### Workarounds Users have to implement permission checks for read access to Flows and read access to relevant collection/items.

### Impact A path traversal vulnerability exists where an attacker with access to manipulate inputs when initializing the `Measured::Cache::Json class` would be able to instruct the library to read arbitrary files. ### Patches Users should update to the latest version.

### Summary The exact Directus version number is incorrectly being used as OpenAPI Spec version this means that it is being exposed by the `/server/specs/oas` endpoint without authentication. ### Impact With the exact version information a malicious attacker can look for known vulnerabilities in Directus core or any of its shipped dependencies in that specific running version.

### Summary When using Directus Flows with the WebHook trigger, all incoming request details are logged including security sensitive data like access and refresh tokens in cookies. ### Impact Malicious admins with access to the logs can hijack the user sessions within the token expiration time of them triggering the Flow.

### Summary When using Directus Flows to handle CRUD events for users it is possible to log the incoming data to console using the "Log to Console" operation and a template string. ### Impact Malicious admins can log sensitive data from other users when they are created or updated. ### Workarounds Avoid logging sensitive data to the console outside the context of development.

Microchip renewal scam targets UK pet owners using leaked data from insecure registries. Emails appear legit but aim to steal money and personal info.