#java

Axigen versions 10.5.0–4370c946 and below suffer from a cross site scripting vulnerability.

Pega Platform versions 7.1 to 8.8.3 are affected by an HTML Injection issue with a name field utilized in Visual Business Director, however this field can only be modified by an authenticated administrative user.

### Impact A malicious user can upload an SVG image containing JavaScript to their server. When matrix-media-repo is asked to serve that media via the `/_matrix/media/(r0|v3)/download` endpoint, it would be served with a `Content-Disposition` of `inline`. This can allow JavaScript to run in the browser if a client links to the `/download` endpoint directly. Server operators which do not share a domain between matrix-media-repo and other services are not affected, but are encouraged to upgrade regardless. ### Patches https://github.com/turt2live/matrix-media-repo/commit/77ec2354e8f46d5ef149d1dcaf25f51c04149137 and https://github.com/turt2live/matrix-media-repo/commit/bf8abdd7a5371118e280c65a8e0ec2b2e9bdaf59 fix the issue. Operators should upgrade to v1.3.0 as soon as possible. ### Workarounds The `Content-Disposition` header can be overridden by the reverse proxy in front of matrix-media-repo to always use `attachment`, defeating this issue at the cost of "worse" user experience when...

### Impact The proxy mode of WireMock, can be protected by the network restrictions configuration, as documented in [Preventing proxying to and recording from specific target addresses](https://wiremock.org/docs/configuration/#preventing-proxying-to-and-recording-from-specific-target-addresses). These restrictions can be configured using the domain names, and in such a case the configuration is vulnerable to the DNS rebinding attacks. A similar patch was applied in WireMock 3.0.0-beta-15 for the WireMock Webhook Extensions. The root cause of the attack is a defect in the logic which allows for a race condition triggered by a DNS server whose address expires in between the initial validation and the outbound network request that might go to a domain that was supposed to be prohibited. Control over a DNS service is required to exploit this attack, so it has high execution complexity and limited impact. ### Affected versions - WireMock 3,x until 3.0.3 (security patch), on default sett...

Zoo Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the Admin sign-in page via the username and password fields.

Tolgee is an open-source localization platform. Due to lack of validation field - Org Name, bad actor can send emails with HTML injected code to the victims. Registered users can inject HTML into unsanitized emails from the Tolgee instance to other users. This unsanitized HTML ends up in invitation emails which appear as legitimate org invitations. Bad actors may direct users to malicious website or execute javascript in the context of the users browser. This vulnerability has been addressed in version 3.29.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS) permits an attacker to run arbitrary Java code (including OS commands) via its management interface

Ubuntu Security Notice 6352-1 - It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass security restrictions.

Izdelava IDS version 2.0 suffers from a cross site scripting vulnerability.

ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an improper access control vulnerability when checking permissions in the CFIDE path. An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on the environment.