#git

Concerns include everything from ransomware, malware, and phishing attacks on the game's infrastructure to those targeting event sponsors and fans.

An SQL injection vulnerability allows any authenticated user to execute arbitrary SQL commands on the server. This can lead to unauthorized access to sensitive data, data modification, or even complete control over the server. Details The vulnerability is found in the URL parameters of the following endpoint: `GET /admin/customermanagementframework/customers/list?add-new-customer=1&apply-segment-selection=Apply&filterDefinition[allowedRoleIds][]=1&filterDefinition[allowedUserIds][]=2&filterDefinition[id]=0&filterDefinition[name]=RDFYjolf&filterDefinition[readOnly]=on&filterDefinition[shortcutAvailable]=on&filter[active]=1&filter[email]=testing%40example.com&filter[firstname]=RDFYjolf&filter[id]=1&filter[lastname]=RDFYjolf&filter[operator-customer]=AND&filter[operator-segments]=%40%40dz1Uu&filter[search]=the&filter[segments][832][]=847&filter[segments][833][]=835&filter[segments][874][]=876&filter[showSegments][]=832 HTTP/1.1` The parameters filterDefinition and filter are vulnerable...

### Summary A Stored Cross-Site Scripting (XSS) vulnerability in PIMCORE allows remote attackers to inject arbitrary web script or HTML via the PDF upload functionality. This can result in the execution of malicious scripts in the context of the user's browser when the PDF is viewed, leading to potential session hijacking, defacement of web pages, or unauthorized access to sensitive information. ### Details The vulnerability is present in the PDF upload functionality of the PIM Core Upload module. When a user uploads a PDF file, the application fails to properly sanitize the content, allowing embedded scripts to be executed when the PDF is viewed. The affected code is located in the file handling and rendering logic of the PDF upload feature. ### PoC 1. Log in as Administrator  2. Hover to Assets ...

IntelBroker targets Hewlett-Packard Enterprise (HPE) again, claiming to have access to the company’s internal infrastructure and the possibility…

A critical vulnerability was discovered in the `ismp-grandpa` crate, that allowed a malicious prover easily convince the verifier of the finality of arbitrary headers. ### Description The vulnerability manifests as a verifer that only accepts incorrect signatures of Grandpa precommits and was introduced in this [specific commit](https://github.com/polytope-labs/ismp-substrate/pull/64/commits/5ca3351a19151f1a439c30d5cbdbfdc72a11f1a8#diff-3835cc24fb2011b3e8246036059acd8c2c2a9a869eedf7a210d18edb6543318dL262). Perhaps due to unfamiliarity with core substrate APIs. The `if` statement should have included a negation check, similar to the previous code, but this was omitted. Causing the verifier to **only** accept invalid signatures. This vulnerability remained undetected even with [integration tests](https://github.com/polytope-labs/ismp-substrate/pull/64/commits/04d5be207b082eb61d586d52e1685e2e060347e6#diff-4aedbca82d26bebc03f274e23fd5697c3346ffff54405c87af9018f3aef708b2R1-R160), as the...

When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that sensitive file. To fix that, glog now causes the program to exit (with status code 2) when it finds that the configured log file already exists.

Advanced phishing campaign targets Poland and Germany, delivering Agent Tesla, Snake Keylogger and newly identified TorNet backdoor via…

Globally, security researchers and whistleblowers face increasingly hostile laws and judiciaries that are ready to levy fines and prison sentences.

## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-q53r-9hh9-w277. This link is maintained to preserve external references. ## Original Description A vulnerability, which was classified as critical, has been found in Pimcore customer-data-framework up to 4.2.0. Affected by this issue is some unknown functionality of the file /admin/customermanagementframework/customers/list. The manipulation of the argument filterDefinition/filter leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.2.1 is able to address this issue. It is recommended to upgrade the affected component.

McAfee Labs uncovers malicious GitHub repositories distributing Lumma Stealer malware disguised as game hacks and cracked software. Learn…