Security
Headlines
HeadlinesLatestCVEs

Tag

#git

CVE-2023-47094: Virtualmin-7.7/CVE-2023-47094 at main · pavanughade43/Virtualmin-7.7

An issue was discovered in Virtualmin 7.7. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Account Plans tab of System Settings via the Plan Name field. Whenever the module is accessed, the XSS payload is executed.

CVE
Open in Source
#xss#vulnerability#git
CVE-2023-47098: Virtualmin-7.7/CVE-2023-47098 at main · pavanughade43/Virtualmin-7.7

An issue was discovered in Virtualmin 7.7. A Stored Cross-Site Scripting (XSS) vulnerability exists in the Create Extra Administrator tab via the "Real name or description" field.

CVE-2023-47099: Virtualmin-7.7/CVE-2023-47099 at main · pavanughade43/Virtualmin-7.7

An issue was discovered in Virtualmin 7.7. The Create Virtual Server functionality allows XSS attacks against anyone who accesses the Virtual Server Summary tab.

CVE-2023-47097: Virtualmin-7.7/CVE-2023-47097 at main · pavanughade43/Virtualmin-7.7

An issue was discovered in Virtualmin 7.7. The Server Templates feature under System Settings allows XSS.

CVE-2023-39695: Vulns/Insufficient Session Expiration - Elenos.md at 35fe4fb3d5945b5df2a87aab0cf9ec6137bcf976 · strik3r0x1/Vulns

Insufficient session expiration in Elenos ETG150 FM Transmitter v3.12 allows attackers to arbitrarily change transmitter configuration and data after logging out.

CVE-2023-37833: Vulns/BAC leads to access Traps configurations.md at main · strik3r0x1/Vulns

Improper access control in Elenos ETG150 FM transmitter v3.12 allows attackers to make arbitrary configuration edits that are only accessed by privileged users.

CVE-2023-46378: Minicms1.1.1 Exists storage xss

Stored Cross Site Scripting (XSS) vulnerability in MiniCMS 1.1.1 allows attackers to run arbitrary code via crafted string appended to /mc-admin/conf.php.

GHSA-jg7w-cxjv-98c2: `SPICEDB_DATASTORE_CONN_URI` is leaked when URI cannot be parsed in github.com/authzed/spicedb

When the provided datastore URI is malformed (e.g. by having a password which contains `:`) the full URI (including the provided password) is printed, so that the password is shown in the logs. Example output: ``` terminated with errors error="unable to create migration driver for postgres: parse \"postgres://spicedb:<PASSWORD IN PLAINTEXT>": invalid port \"<PASSWORD IN PLAINTEXT>\" after host" ```

GHSA-6f58-j323-6472: pimcore/admin-ui-classic-bundle Unverified Password Change

### Impact As old password can be set as new password , it is considered as password policy violation. Pimcore is not enforcing strict password policy which allow attacker to set old password as new password Proof of Concept 1. Go to Admin link 2. login and click on -> "User | My Profile". 3. Go to change password now put old password as new password and click save. ### Patches https://github.com/pimcore/admin-ui-classic-bundle/commit/498ac77e54541177be27b0c710e387c47b3836ea.patch ### Workarounds Update to version 1.2.0 or apply this patches manually https://github.com/pimcore/admin-ui-classic-bundle/commit/498ac77e54541177be27b0c710e387c47b3836ea.patch ### References https://huntr.com/bounties/b031199d-192a-46e5-8c02-f7284ad74021/

GHSA-wjcc-cq79-p63f: Possible Infinite Loop when PdfWriter(clone_from) is used with a PDF

### Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This infinite loop blocks the current process and can utilize a single core of the CPU by 100%. It does not affect memory usage. That is, for example, the case when the pypdf-user manipulates an incoming malicious PDF e.g. by merging it with another PDF or by adding annotations. ### Patches The issue was fixed with #2264 ### Workarounds If you cannot update your version of pypdf, you should modify `pypdf/generic/_data_structures.py` just like #2264 did.