Security
Headlines
HeadlinesLatestCVEs

Tag

#java

CVE-2023-44390: XSS in Foreign Content

HtmlSanitizer is a .NET library for cleaning HTML fragments and documents from constructs that can lead to XSS attacks. The vulnerability occurs in configurations where foreign content is allowed, i.e. either `svg` or `math` are in the list of allowed elements. In the case an application sanitizes user input with a vulnerable configuration, an attacker could bypass the sanitization and inject arbitrary HTML, including JavaScript code. Note that in the default configuration the vulnerability is not present. The vulnerability has been fixed in versions 8.0.723 and 8.1.722-beta (preview version).

CVE
#xss#vulnerability#java
NPM Typosquatting Attack Deploys r77 Rootkit via Legitimate Package

By Deeba Ahmed Another day, another NPM typosquatting attack. This is a post from HackRead.com Read the original post: NPM Typosquatting Attack Deploys r77 Rootkit via Legitimate Package

Analysis and Config Extraction of Lu0Bot, a Node.js Malware with Considerable Capabilities

Nowadays, more malware developers are using unconventional programming languages to bypass advanced detection systems. The Node.js malware Lu0Bot is a testament to this trend. By targeting a platform-agnostic runtime environment common in modern web apps and employing multi-layer obfuscation, Lu0Bot is a serious threat to organizations and individuals. Although currently, the malware has low

CVE-2023-42809: Feature - allowedClasses setting added to SerializationCodec https://… · redisson/redisson@fe6a257

Redisson is a Java Redis client that uses the Netty framework. Prior to version 3.22.0, some of the messages received from the Redis server contain Java objects that the client deserializes without further validation. Attackers that manage to trick clients into communicating with a malicious server can include especially crafted objects in its responses that, once deserialized by the client, force it to execute arbitrary code. This can be abused to take control of the machine the client is running in. Version 3.22.0 contains a patch for this issue. Some post-fix advice is available. Do NOT use `Kryo5Codec` as deserialization codec, as it is still vulnerable to arbitrary object deserialization due to the `setRegistrationRequired(false)` call. On the contrary, `KryoCodec` is safe to use. The fix applied to `SerializationCodec` only consists of adding an optional allowlist of class names, even though making this behavior the default is recommended. When instantiating `SerializationCodec`...

CVE-2023-42808: GHSL-2023-026: Cross-site scripting (XSS) in Common Voice - CVE-2023-42808

Common Voice is the web app for Mozilla Common Voice, a platform for collecting speech donations in order to create public domain datasets for training voice recognition-related tools. Version 1.88.2 is vulnerable to reflected Cross-Site Scripting given that user-controlled data flows to a path expression (path of a network request). This issue may lead to reflected Cross-Site Scripting (XSS) in the context of Common Voice’s server origin. As of time of publication, it is unknown whether any patches or workarounds exist.

CVE-2023-27121: The Not So Pleasant Password Manager - MDSec

A cross-site scripting (XSS) vulnerability in the component /framework/cron/action/humanize of Pleasant Solutions Pleasant Password Server v7.11.41.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cronString parameter.

GHSA-43cp-6p3q-2pc4: HtmlSanitizer vulnerable to Cross-site Scripting in Foreign Content

### Impact The vulnerability occurs in configurations where foreign content is allowed, i.e. either `svg` or `math` are in the list of allowed elements. Specifically, the requirements for the vulnerability are: 1. Allowing one foreign element: `svg`, or `math` 2. Comments or one raw text element: `iframe`, `noembed`, `xmp`, `title`, `noframes`, `style` or `noscript` Configurations that meet the above requirements plus the following are vulnerable to an additional vulnerability: - Any HTML integration element: `title`, `desc`, `mi`, `mo`, `mn`, `ms`, `mtext`, `annotation-xml`. In case an application sanitizes user input with a vulnerable configuration, an attacker could bypass the sanitization and inject arbitrary HTML, including JavaScript code. Note that in the default configuration the vulnerability is not present. ### Patches The vulnerability has been fixed in versions 8.0.723 and 8.1.722-beta (preview version). ### Workarounds Disallow foreign elements `svg` and `math`. ...

Red Hat Security Advisory 2023-5421-01

Red Hat Security Advisory 2023-5421-01 - Multicluster Engine for Kubernetes 2.3.2 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.

Ubuntu Security Notice USN-6406-1

Ubuntu Security Notice 6406-1 - Several security issues were discovered in the SpiderMonkey JavaScript library. If a user were tricked into opening malicious JavaScript applications or processing malformed data, a remote attacker could exploit a variety of issues related to JavaScript security, including denial of service attacks, and arbitrary code execution.

CVE-2023-22515: FAQ for CVE-2023-22515 | Atlassian Support

Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.